EUVD-2026-11790

Missing Authorization vulnerability in Iulia Cazan Latest Post Shortcode latest-post-shortcode allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Latest Post Shortcode: from n/a through = 14.2.1...

CVE-2026-31916

Missing Authorization vulnerability in Iulia Cazan Latest Post Shortcode latest-post-shortcode allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Latest Post Shortcode: from n/a through = 14.2.1...

CVE-2026-31916

Missing Authorization vulnerability in Iulia Cazan Latest Post Shortcode latest-post-shortcode allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Latest Post Shortcode: from n/a through = 14.2.1...

CVE-2026-31916 WordPress Latest Post Shortcode plugin <= 14.2.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Iulia Cazan Latest Post Shortcode latest-post-shortcode allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Latest Post Shortcode: from n/a through = 14.2.1...

PT-2026-25171

Missing Authorization vulnerability in Iulia Cazan Latest Post Shortcode latest-post-shortcode allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Latest Post Shortcode: from n/a through = 14.2.1...

WordPress plugin Latest Post Shortcode 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

EUVD-2024-54665

Malicious code in bioql PyPI...

CVE-2024-37395

A stored cross-site scripting XSS vulnerability in the Public Survey function of REDCap 13.1.9 allows authenticated users to execute arbitrary web script or HTML by injecting a crafted payload into the 'Survey Title' and 'Survey Instructions' fields. This vulnerability could be exploited by...

CVE-2024-37396

A stored cross-site scripting XSS vulnerability in the Calendar function of REDCap 13.1.9 allows authenticated users to execute arbitrary web script or HTML by injecting a crafted payload into the 'Notes' field of a calendar event. This could lead to the execution of malicious scripts when the...

PT-2023-8684 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS Sonoma versions prior to 14.2.1 Description: A session rendering issue was addressed with improved session tracking. This issue may cause a user who shares their screen to unintentionally share the incorrect content. The problem is...

PT-2021-4987 · Gitlab +1 · Gitlab Ce/Ee +2

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.7 through 14.0.8 GitLab CE/EE versions 14.1 through 14.1.3 GitLab CE/EE versions 14.2 through 14.2.1 Description: The issue is related to a stored Cross-Site Scripting vulnerability in the DataDog integration of GitLa...

Apple Security Update: iOS 14.2.1

Apple recommends to install security update iOS 14.2.1 on devices iPhone 12 Pro, iPhone 12 Pro Max, iPhone 12, and iPhone 12 mini...

Apple Security Update: iOS 14.2.1

Apple recommends to install security update iOS 14.2.1 on devices iPhone 12 Pro, iPhone 12 Pro Max, iPhone 12, and iPhone 12 mini...

CVE-2018-13980

The websites that were built from Zeta Producer Desktop CMS before 14.2.1 are vulnerable to unauthenticated file disclosure if the plugin "filebrowser" is installed, because of assets/php/filebrowser/filebrowser.main.php?file=../ directory traversal...

CVE-2018-13981

The websites that were built from Zeta Producer Desktop CMS before 14.2.1 are vulnerable to unauthenticated remote code execution due to a default component that permits arbitrary upload of PHP files, because the formmailer widget blocks .php files but not .php5 or .phtml files. This is related t...

Remote code execution

The websites that were built from Zeta Producer Desktop CMS before 14.2.1 are vulnerable to unauthenticated remote code execution due to a default component that permits arbitrary upload of PHP files, because the formmailer widget blocks .php files but not .php5 or .phtml files. This is related t...

Asterisk SDP Offer DoS Vulnerability (AST-2016-008)

Asterisk is prone to a SDP offer denial of service DoS vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...