60 matches found
EUVD-2020-29486
Malware in sbrugna...
EUVD-2025-30549
Malicious code in bioql PyPI...
CVE-2025-58664
Missing Authorization vulnerability in Azizul Hasan Text To Speech TTS Accessibility text-to-audio allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Text To Speech TTS Accessibility: from n/a through <= 1.9.30...
CVE-2025-58664 WordPress Text To Speech TTS Accessibility plugin <= 1.9.30 - Broken Access Control vulnerability
Missing Authorization vulnerability in Azizul Hasan Text To Speech TTS Accessibility text-to-audio allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Text To Speech TTS Accessibility: from n/a through <= 1.9.30...
PT-2025-38953
Name of the Vulnerable Software and Affected Versions: Azizul Hasan Text To Speech TTS Accessibility versions through 1.9.20 Description: A missing authorization issue exists in Azizul Hasan Text To Speech TTS Accessibility. The issue involves exploiting incorrectly configured access control securi...
TestLink Security Vulnerability
TestLink is a suite of open source software from the TestLink team for managing the software testing process and providing statistical analysis. A security vulnerability exists in TestLink version 1.9.20 that stems from the application not checking user permissions, resulting in an access control...
PT-2024-31908 · Testlink · Testlink
Name of the Vulnerable Software and Affected Versions: TestLink version 1.9.20 Description: The issue is related to Incorrect Access Control in the TestPlan editing section. When a new TestPlan is created, an ID with an incremental value is automatically generated. Using the edit function, it is...
CVE-2024-46097
TestLink 1.9.20 is vulnerable to Incorrect Access Control in the TestPlan editing section. When a new TestPlan is created, an ID with an incremental value is automatically generated. Using the edit function you can change the tplanid parameter to another ID. The application does not carry out a...
CVE-2024-46097
Summary: CVE-2024-46097 affects TestLink 1.9.20 with an Incorrect Access Control in the TestPlan editing section. The flaw allows changing the tplan_id via edit operations due to missing permission checks, enabling recovery and modification of TestPlan IDs (including administrative ones) with min...
TestLink Security Vulnerability
TestLink is a suite of open source software from the TestLink team for managing the software testing process and providing statistical analysis. A security vulnerability exists in TestLink versions prior to v.1.9.20 that stems from the presence of cross-site scripting (XSS)...
PT-2024-30200 · Testlink · Testlink
Name of the Vulnerable Software and Affected Versions: TestLink versions prior to 1.9.20 Description: The issue allows for Cross Site Scripting (XSS) via the pop-up on upload file. When uploading a file, the XSS payload can be entered into the file name. Recommendations: For versions prior to 1.9.2...
$1,313 Bounty Awarded for Privilege Escalation Vulnerability Patched in Academy LMS WordPress Plugin
Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through February 29th, 2024 when you opt to have Wordfence handle responsible disclosure! On February 14th, 2024, during our second Bug Bounty...
CVE-2023-50110
TestLink through 1.9.20 allows type juggling for authentication bypass because === is not used...
Authentication flaw
TestLink through 1.9.20 allows type juggling for authentication bypass because === is not used...
CVE-2023-50110
CVE-2023-50110 affects TestLink up to version 1.9.20. The root cause is type juggling in authentication due to not using strict equality (===), enabling authentication bypass. Impact is high (I: High) with no confidentiality/availability impacts, per sources. Exploitation details are not provided...
PT-2023-31477 · Testlink · Testlink
Name of the Vulnerable Software and Affected Versions: TestLink versions 1.9.20 and earlier Description: The issue allows type juggling for authentication bypass because the === operator is not used. This can lead to unauthorized access. Recommendations: For versions 1.9.20 and earlier, consider...
TestLink Cross-Site Request Forgery Vulnerability
TestLink is a suite of open source software from the TestLink team for managing the software testing process and providing statistical analysis. A security vulnerability exists in TestLink v1.9.20, which was discovered via /lib/plan/planView.php to contain a cross-site request forgery vulnerabili...
CVE-2022-35194
TestLink v1.9.20 was discovered to contain a stored cross-site scripting (XSS) vulnerability via /lib/inventory/inventoryView.php...