CVE-2026-1461 Simple Membership <= 4.7.0 - Unauthenticated Improper Handling of Missing Values

The Simple Membership plugin for WordPress is vulnerable to Improper Handling of Missing Values in all versions up to, and including, 4.7.0 via the Stripe webhook handler. This is due to the plugin only validating webhook signatures when the stripe-webhook-signing-secret setting is configured,...

Fedora: Security Advisory (FEDORA-2026-4ea96a154e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Exploit for CVE-2025-1461

Vuetify VCalendar XSS Vulnerability POC CVE-2025-1461 This...

CVE-2025-1461

creationtimestamp| type| source ---|---|--- 2025-05-28 18:24:14+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqat6suri5a2...

CVE-2025-1461

Improper neutralization of the value of the 'eventMoreText' property of the 'VCalendar' component in Vuetify allows unsanitized HTML to be inserted into the page. This can lead to a Cross-Site Scripting XSS https://owasp.org/www-community/attacks/xss attack. The vulnerability occurs because the...

CVE-2025-1461

CVE-2025-1461 affects Vuetify’s VCalendar eventMoreText prop. Affected: Vuetify &gt;=2.0.0 and

CVE-2025-1461 Vuetify XSS through 'eventMoreText' prop of VCalendar

Improper neutralization of the value of the 'eventMoreText' property of the 'VCalendar' component in Vuetify allows unsanitized HTML to be inserted into the page. This can lead to a Cross-Site Scripting XSS https://owasp.org/www-community/attacks/xss attack. The vulnerability occurs because the...

CVE-2025-1461 Vuetify XSS through 'eventMoreText' prop of VCalendar

Improper neutralization of the value of the 'eventMoreText' property of the 'VCalendar' component in Vuetify allows unsanitized HTML to be inserted into the page. This can lead to a Cross-Site Scripting XSS https://owasp.org/www-community/attacks/xss attack. The vulnerability occurs because the...

CVE-2021-1461

A vulnerability in the Image Signature Verification feature of Cisco SD-WAN Software could allow an authenticated, remote attacker with Administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper verification of digital...

CVE-2020-1461

An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Defender Elevation of Privilege Vulnerability'...

CVE-2021-1461

creationtimestamp| type| source ---|---|--- 2024-11-18 15:36:24+00:00| seen| https://infosec.exchange/users/cve/statuses/113504694022164872 2025-09-25 00:36:28+00:00| seen| MISP/1c5c38d6-3401-41ac-be0e-4cf361fa6f51...

CVE-2021-1461

Cisco SD-WAN Software is affected by a vulnerability in the Image Signature Verification feature that could let an authenticated, administrator-level attacker install an unsigned patch and boot a malicious software image. The root cause is improper verification of digital signatures for patch ima...

CVE-2024-1461

creationtimestamp| type| source ---|---|--- 2024-04-11 07:11:06+00:00| seen| https://t.me/arpsyndicate/4464...

CVE-2024-1461 Elementor Addons by Livemesh <= 8.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Team Members Widget

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘style’ attribute of the Team Members widget in all versions up to, and including, 8.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

RHCOS 4 : OpenShift Container Platform 4.14.18 (RHSA-2024:1461)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:1461 advisory. - golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invali...

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2024-1461)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-1461

creationtimestamp| type| source ---|---|--- 2024-03-09 14:16:52+00:00| seen| https://t.me/ctinow/203941...

CVE-2022-1461

creationtimestamp| type| source ---|---|--- 2024-01-08 23:05:01+00:00| published-proof-of-concept| https://t.me/arpsyndicate/2692...

VulnCheck KEV: CVE-2012-1461

The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus...

CVE-2023-1461

creationtimestamp| type| source ---|---|--- 2023-03-17 11:36:20+00:00| seen| https://t.me/cibsecurity/60221...