168 matches found
CVE-2026-1303
The MailChimp Campaigns plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.2.4. This is due to missing capability checks on the mailchimpcampaignsmanagerdisconnectapp function that is hooked to the AJAX action of the same name. This makes it possib...
Plugin Oficial – Getnet para WooCommerce <= 1.8.0 - Cross-Site Scripting
The Plugin Oficial – Getnet para WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 1.8.0 due to insufficient input sanitization and output escaping on the 'page' parameter. This makes it possible for unauthenticated attackers to...
CVE-2025-1303
creationtimestamp | type | source
---|---|---
2026-02-09 18:34:06+00:00 | confirmed | https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-1303.yaml
2026-02-12 21:03:29+00:00 | seen | https://bsky.app/profile/beikokucyber.bsky.social/post/3meovcerf2g2c...
CVE-2022-1303
The Slide Anything WordPress plugin before 2.3.44 does not sanitize and escape sliders' description, which could allow high privilege users such as editor and above to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed...
WordPress Plugin Oficial – Getnet para WooCommerce plugin < 1.8.1 - Reflected XSS vulnerability
Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin Plugin Oficial – Getnet para WooCommerce versions 1.8.1...
CVE-2025-1303
The Plugin Oficial WordPress plugin through 1.7.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users...
CVE-2025-1303 Plugin Oficial – Getnet para WooCommerce <= 1.7.3 - Unauthenticated Reflected XSS
The Plugin Oficial WordPress plugin through 1.7.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users...
CVE-2025-1303
CVE-2025-1303 concerns the Plugin Oficial WordPress plugin (Getnet para WooCommerce) up to version 1.7.3. The issue is a reflected cross-site scripting (XSS) vulnerability caused by a parameter not being sanitised/escaped before being echoed in the page. Exploitation is described against unauthen...
Linux Distros Unpatched Vulnerability : CVE-2014-1303
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in Apple Safari 7.0.2 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified...
RHEL 6 : webkitgtk (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - WebKit: Improper handling of data types from event objects CVE-2010-4205 - webkitgtk: heap-based buffer...
RHEL 6 / 7 : httpd24 (RHSA-2018:3558)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3558 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of...
CVE-2014-1303
creationtimestamp | type | source
---|---|---
2024-04-19 05:31:25+00:00 | published-proof-of-concept | Telegram/GGU4Zjcy9RRRzCj87pkQSgeBh3KoSL3WZk3hlgAXEsZ2B0X...
CVE-2024-1303
creationtimestamp | type | source
---|---|---
2024-03-12 17:32:01+00:00 | seen | https://t.me/ctinow/205893
2024-03-12 17:32:10+00:00 | seen | https://t.me/ctinow/205901...
CVE-2024-1303 Multiple Vulnerabilities in Badger Meter's Monitool
Incorrectly limiting the path to a restricted directory vulnerability in Badger Meter Monitool that affects versions up to 4.6.3 and earlier. This vulnerability allows an authenticated attacker to retrieve any file from the device using the download-file functionality...
CVE-2024-1303
CVE-2024-1303 affects Badger Meter Monitool prior to 4.6.3. The root cause is an incorrect restriction that allows path traversal in the download-file function, enabling an authenticated attacker to retrieve arbitrary files from the device. Affected component: Monitool on compatible Badger Meter ...
MAL-2024-290 Malicious code in wlwz-2312-1303 (npm)
Source: ghsa-malware 09cffaae637cd216e133446bceaa7443ccdb6a008f64187ab294874c3a6e22c4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in wlwz-2312-1303 (npm)
Source: ghsa-malware 09cffaae637cd216e133446bceaa7443ccdb6a008f64187ab294874c3a6e22c4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
BELL-CVE-2018-1303 CVE-2018-1303 does not affect BellSoft software
Bulletin has no description...