CVE-2026-1506

A vulnerability was determined in D-Link DIR-615 4.10. Impacted is an unknown function of the file /advmacfilter.php of the component MAC Filter Configuration. This manipulation of the argument mac causes os command injection. The attack is possible to be carried out remotely. The exploit has bee...

CVE-2026-1506

creationtimestamp| type| source ---|---|--- 2026-01-28 05:59:47+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mdhltbyzn223...

CVE-2025-1506

The Wp Social Login and Register Social Counter plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.0. This is due to missing or incorrect nonce validation on the counteraccesskeysetup function. This makes it possible for unauthenticated...

CVE-2024-1506

The Prime Slider – Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'titletags' attribute of the Fiestar widget in all versions up to, and including, 3.13.1 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2022-1506

The WP Born Babies WordPress plugin through 1.0 does not sanitise and escape some of its fields, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks...

CVE-2025-1506

creationtimestamp| type| source ---|---|--- 2025-02-28 06:25:58+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5841 2025-02-28 09:29:57+00:00| seen| https://t.me/cvedetector/19126 2025-03-02 11:44:22+00:00| seen| Telegram/FmjrvzrqbmiA1PlFRQCdfDB6CUseSxyidILeiKPdIgQQymPN 2025-08-22...

CVE-2025-1506

The Wp Social Login and Register Social Counter plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.0. This is due to missing or incorrect nonce validation on the counteraccesskeysetup function. This makes it possible for unauthenticated...

CVE-2025-1506 Wp Social Login and Register Social Counter <= 3.1.0 - Cross-Site Request Forgery to Settings Update

The Wp Social Login and Register Social Counter plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.0. This is due to missing or incorrect nonce validation on the counteraccesskeysetup function. This makes it possible for unauthenticated...

CVE-2025-1506

CVE-2025-1506 documents confirm a Cross-Site Forgery (CSRF) vulnerability in the WordPress plugin “Wp Social Login and Register Social Counter” up to version 3.1.0. The root cause is missing or incorrect nonce validation on the counter_access_key_setup() function, enabling unauthenticated attacke...

Huawei EulerOS: Security Advisory for giflib (EulerOS-SA-2024-1506)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-1506

creationtimestamp| type| source ---|---|--- 2024-03-07 08:26:28+00:00| seen| https://t.me/ctinow/202183 2024-03-07 08:26:31+00:00| seen| https://t.me/ctinow/202186...

CVE-2024-1506 Prime Slider – Addons For Elementor <= 3.13.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Fiestar Widget

The Prime Slider – Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'titletags' attribute of the Fiestar widget in all versions up to, and including, 3.13.1 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2024-1506

CVE-2024-1506 concerns the WordPress plugin “Prime Slider – Addons For Elementor.” The vulnerability is a Stored Cross-Site Scripting issue via the Fiestar widget’s title_tags attribute, present in all versions up to 3.13.1. An attacker with contributor-level access or higher could inject arbitra...

Malicious code in wlwz-2312-1506 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware da1a8ba04ff4fd628be35c140b635223e4b7bc81c3c08ec442279cf4686bd2ba Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2023-1506

CVE-2023-1506 affects SourceCodester E-Commerce System 1.0. The vulnerability is in an unknown function of login.php where manipulation of the U_USERNAME parameter leads to SQL injection. It is exploitable remotely with high impact on confidentiality, integrity, and availability; exploit complexi...

CVE-2023-1506 SourceCodester E-Commerce System login.php sql injection

A vulnerability, which was classified as critical, was found in SourceCodester E-Commerce System 1.0. Affected is an unknown function of the file login.php. The manipulation of the argument UUSERNAME leads to sql injection. It is possible to launch the attack remotely. The complexity of an attack...

CVE-2022-1506

The WP Born Babies WordPress plugin through 1.0 does not sanitise and escape some of its fields, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks...

CVE-2022-1506

Summary: CVE-2022-1506 affects the WordPress plugin “WP Born Babies” (versions ≤ 1.0). The issue is stored Cross‑Site Scripting caused by insufficient sanitisation/escaping of several fields. Documents indicate that an attacker with as low as contributor role could trigger XSS, enabling JavaScrip...

SUSE: Security Advisory (SUSE-SU-2022:1506-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-1506

Cisco SD-WAN vManage Software contains multiple vulnerabilities that could allow an unauthenticated, remote attacker to execute arbitrary code or access sensitive information, or allow an authenticated, local attacker to gain elevated privileges. Affected component: Cisco SD-WAN vManage Software;...