65 matches found
EUVD-2026-29458
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Travel WP Travel wp-travel allows Blind SQL Injection.This issue affects WP Travel: from n/a through = 11.4.0...
CVE-2026-45218
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Travel WP Travel wp-travel allows Blind SQL Injection.This issue affects WP Travel: from n/a through = 11.4.0...
CVE-2026-45218
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Travel WP Travel wp-travel allows Blind SQL Injection.This issue affects WP Travel: from n/a through = 11.4.0...
CVE-2026-45218
Summary: WP Travel WordPress plugin (versions
CVE-2026-45218 WordPress WP Travel plugin <= 11.4.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Travel WP Travel wp-travel allows Blind SQL Injection.This issue affects WP Travel: from n/a through = 11.4.0...
PT-2026-40016
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Travel WP Travel wp-travel allows Blind SQL Injection.This issue affects WP Travel: from n/a through = 11.4.0...
WordPress plugin WP Travel SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress WP Travel plugin <= 11.4.0 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Nhut Quang in WordPress Plugin WP Travel versions = 11.4.0...
CVE-2026-43432
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix memory leak in xhcidisableslot xhcialloccommand allocates a command structure and, when the second argument is true, also allocates a completion structure. Currently, the error handling path in xhcidisableslot only...
GHSA-MPC7-MM28-F6WQ Mattermost allows authenticated guest users to enumerate user IDs outside their allowed visibility scope
Mattermost versions 11.2.x = 11.2.2, 10.11.x = 10.11.10, 11.4.x = 11.4.0, 11.3.x = 11.3.1 fail to apply view restrictions when retrieving group member IDs, which allows authenticated guest users to enumerate user IDs outside their allowed visibility scope via the group retrieval endpoint...
EUVD-2026-15607
Deserialization of Untrusted Data vulnerability in FantasticPlugins SUMO Affiliates Pro affs allows Object Injection.This issue affects SUMO Affiliates Pro: from n/a through 11.4.0...
CVE-2026-24989
Deserialization of Untrusted Data vulnerability in FantasticPlugins SUMO Affiliates Pro affs allows Object Injection.This issue affects SUMO Affiliates Pro: from n/a through 11.4.0...
CVE-2026-24989 WordPress SUMO Affiliates Pro plugin < 11.4.0 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in FantasticPlugins SUMO Affiliates Pro affs allows Object Injection.This issue affects SUMO Affiliates Pro: from n/a through 11.4.0...
PT-2026-27877
Name of the Vulnerable Software and Affected Versions FantasticPlugins SUMO Affiliates Pro versions prior to 11.4.0 Description An issue exists in FantasticPlugins SUMO Affiliates Pro related to the deserialization of untrusted data, which can lead to object injection. The affected component is...
Secomea GateManager 安全漏洞
Secomea GateManager is a remote access server product developed by the Danish company Secomea. Version 11.4.0 of Secomea GateManager contains a security vulnerability. This vulnerability stems from improper authentication procedures, which may lead to authentication bypass...
WordPress SUMO Affiliates Pro plugin < 11.4.0 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Phat RiO in WordPress Plugin SUMO Affiliates Pro versions 11.4.0...
CVE-2025-69618
An arbitrary file overwrite vulnerability in the file import process of Tarot, Astro & Healing v11.4.0 allows attackers to overwrite critical internal files, potentially leading to arbitrary code execution or exposure of sensitive information...
CVE-2025-69618
An arbitrary file overwrite vulnerability in the file import process of Tarot, Astro & Healing v11.4.0 allows attackers to overwrite critical internal files, potentially leading to arbitrary code execution or exposure of sensitive information...
CVE-2025-69618
The CVE-2025-69618 entry concerns Tarot, Astro & Healing v11.4.0. A flaw in the file import process allows arbitrary file overwrite of critical internal files, potentially enabling arbitrary code execution or disclosure of sensitive information. Connected sources (e.g., Red Hat, NVD, CVE lists an...
EUVD-2021-14691
Malware in sbrugna...