CVE-2024-11976

The The BuddyPress plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 14.3.3. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

CVE-2024-11976

The The BuddyPress plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 14.3.3. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

CVE-2024-11976

CVE-2024-11976 : The BuddyPress WordPress plugin is vulnerable to unauthenticated arbitrary shortcode execution in all versions up to and including 14.3.3 due to insufficient validation before running do_shortcode. This allows attackers to execute arbitrary shortcodes on affected sites. Remediati...

CVE-2025-27601

CVE-2025-27601 concerns Umbraco in the API management package, where an improper API access control allows low-privilege authenticated users to create and update data type information restricted to settings-access users. Affected are Umbraco.Cms.Api.Management versions prior to 14.3.3 and 15.2.3....

CVE-2018-18552

ServersCheck Monitoring Software through 14.3.3 allows local users to cause a denial of service menu functionality loss by creating an LNK file that points to a second LNK file, if this second LNK file is associated with a Start menu. Ultimately, this behavior comes from a Directory Traversal bug...

CVE-2018-18552

CVE-2018-18552 affects ServersCheck Monitoring Software up to version 14.3.3. The vulnerability is a Directory Traversal flaw via the sensor_details.html id parameter, enabling an attacker with local access to cause a denial of service (menu functionality loss) by creating empty files in arbitrar...