237 matches found
CVE-2026-2382
The FPW Category Thumbnails plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter of the 'fpwfsgetfile' AJAX action in all versions up to, and including, 1.9.5. This is due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2026-2382
The FPW Category Thumbnails plugin for WordPress is affected by a Stored Cross-Site Scripting (Stored XSS) issue in all versions up to and including 1.9.5. The vulnerability arises from insufficient input sanitization and output escaping in the id parameter of the fpw_fs_get_file AJAX action, all...
PT-2026-45702
The FPW Category Thumbnails plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter of the 'fpw fs get file' AJAX action in all versions up to, and including, 1.9.5. This is due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2026-39821 affecting package packer for versions less than 1.9.5-14
CVE-2026-39821 affecting package packer for versions less than 1.9.5-14. A patched version of the package is available...
CVE-2026-39835 affecting package packer for versions less than 1.9.5-14
CVE-2026-39835 affecting package packer for versions less than 1.9.5-14. A patched version of the package is available...
CVE-2026-39827 affecting package packer for versions less than 1.9.5-14
CVE-2026-39827 affecting package packer for versions less than 1.9.5-14. A patched version of the package is available...
CVE-2026-39829 affecting package packer for versions less than 1.9.5-14
CVE-2026-39829 affecting package packer for versions less than 1.9.5-14. A patched version of the package is available...
CVE-2026-42502 affecting package packer for versions less than 1.9.5-14
CVE-2026-42502 affecting package packer for versions less than 1.9.5-14. A patched version of the package is available...
CVE-2026-25681 affecting package packer for versions less than 1.9.5-14
CVE-2026-25681 affecting package packer for versions less than 1.9.5-14. A patched version of the package is available...
CVE-2026-42506 affecting package packer for versions less than 1.9.5-14
CVE-2026-42506 affecting package packer for versions less than 1.9.5-14. A patched version of the package is available...
CVE-2026-42508 affecting package packer for versions less than 1.9.5-14
CVE-2026-42508 affecting package packer for versions less than 1.9.5-14. A patched version of the package is available...
CVE-2026-39834 affecting package packer for versions less than 1.9.5-14
CVE-2026-39834 affecting package packer for versions less than 1.9.5-14. A patched version of the package is available...
CVE-2026-27136 affecting package packer for versions less than 1.9.5-14
CVE-2026-27136 affecting package packer for versions less than 1.9.5-14. A patched version of the package is available...
CVE-2026-25680 affecting package packer for versions less than 1.9.5-14
CVE-2026-25680 affecting package packer for versions less than 1.9.5-14. A patched version of the package is available...
CVE-2026-46597 affecting package packer for versions less than 1.9.5-14
CVE-2026-46597 affecting package packer for versions less than 1.9.5-14. A patched version of the package is available...
CVE-2026-39832 affecting package packer for versions less than 1.9.5-14
CVE-2026-39832 affecting package packer for versions less than 1.9.5-14. A patched version of the package is available...
CVE-2026-46598 affecting package packer for versions less than 1.9.5-14
CVE-2026-46598 affecting package packer for versions less than 1.9.5-14. A patched version of the package is available...
CVE-2026-39828 affecting package packer for versions less than 1.9.5-14
CVE-2026-39828 affecting package packer for versions less than 1.9.5-14. A patched version of the package is available...
Astra Linux - уязвимость в unbound
Unbound before version 1.9.5 allows for an integer overflow in the regional allocator through regionalalloc. NOTE: The vendor denies that this is a vulnerability. Although the code may be vulnerable, an ongoing Unbound installation cannot be exploited remotely or locally...
Astra Linux - уязвимость в unbound
Unbound before version 1.9.5 can cause assertion failures and denial of service in synthcname. NOTE: The vendor denies that this is a vulnerability. Although the code may be vulnerable, an active UnBound installation cannot be exploited remotely or locally...