88 matches found

ATTACKERKB
added 2026/02/03 10:22 p.m., 2 views

CVE-2026-1755

The Menu Icons by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘_wp_attachment_image_alt’ post meta in all versions up to, and including, 0.13.20 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVSS 6.4, AI score 5.6, EPSS 0.00052
Exploits 0, References 4

EUVD
added 2026/01/09 11:5 a.m., 1 view

EUVD-2026-1755

This vulnerability exists in Tenda wireless routers 300Mbps Wireless Router F3 and N300 Easy Setup Router due to the transmission of credentials encoded using reversible Base64 encoding through the web-based administrative interface. An attacker on the same network could exploit this vulnerabilit...

CVSS 8.7, AI score 6.3, EPSS 0.0002
Exploits 0, References 2

RedhatCVE
added 2025/05/22 10:12 p.m., 5 views

CVE-2022-1755

The SVG Support WordPress plugin before 2.5 does not properly handle SVG added via a URL, which could allow users with a role as low as author to perform Cross-Site Scripting attacks...

CVSS 5.4, AI score 6.2, EPSS 0.00209
Exploits 1, References 1

RedhatCVE
added 2025/05/22 3:16 p.m., 3 views

CVE-2020-1755

In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, X-Forwarded-For headers could be used to spoof a user's IP, in order to bypass remote address checks...

CVSS 5.3, AI score 6.8, EPSS 0.0013
Exploits 0

CVE
added 2025/02/27 3:24 p.m., 58 views

CVE-2025-1755

MongoDB Compass (Windows) is affected by CVE-2025-1755: a local privilege escalation vulnerability when a crafted file is stored in C:\node_modules, affecting versions prior to 1.42.1. The condition described enables elevated-privilege actions on the user’s system. Several connected sources (incl...

CVSS 7.8, AI score 7.5, EPSS 0.0005
Exploits 0, References 2, Affected Software 1

Cvelist
added 2025/02/27 3:24 p.m., 18 views

CVE-2025-1755 MongoDB Compass may be susceptible to local privilege escalation in Windows

MongoDB Compass may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated privileges, when a crafted file is stored in C:\node_modules. This issue affects MongoDB Compass prior to 1.42.1...

CVSS 7.5, EPSS 0.0005
Exploits 0, References 1

OSV
added 2024/04/15 5:15 a.m., 3 views

CVE-2024-1755

The NPS computy WordPress plugin through 2.7.5 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

CVSS 8.8, AI score 5.8
Exploits 0, References 1

NVD
added 2024/04/15 5:15 a.m., 12 views

CVE-2024-1755

The NPS computy WordPress plugin through 2.7.5 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

CVSS 8.8, AI score 6.5, EPSS 0.00313
Exploits 2, References 1

CVE
added 2024/04/15 5:0 a.m., 95 views

CVE-2024-1755

CVE-2024-1755 affects the WordPress plugin “NPS computy” up to version 2.7.5, where missing CSRF checks in certain code paths could allow an attacker to cause logged-in users to perform unintended actions. The issue is documented as CSRF across multiple sources, with a remediation stating that ve...

CVSS 8.8, AI score 9.2, EPSS 0.00313
Exploits 2, References 1, Affected Software 1

Vulnrichment
added 2024/04/15 5:0 a.m., 11 views

CVE-2024-1755 NPS computy <= 2.7.5 - Results Deletion via CSRF

The NPS computy WordPress plugin through 2.7.5 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

AI score 6.8, EPSS 0.00313
Exploits 2, References 1

Patchstack
added 2024/04/15 12:0 a.m., 10 views

WordPress NPS computy Plugin < 2.7.6 is vulnerable to Cross Site Request Forgery (CSRF)

Software: NPS computy; Type: Plugin; Vulnerable versions: 2.7.6; Fixed in: 2.7.6; OWASP Top 10: A5: Broken Access Control; Classification: Cross Site Request Forgery CSRF; CVE: CVE-2024-1755; Patch priority: Low; CVSS severity: Low 4.3; Developer: Claim ownership; PSID: f3b2b0b2003c; Credits: Bob Matyas; Required...

CVSS 8.8, AI score 6.6, EPSS 0.00313
Exploits 2, References 4, Affected Software 1

Tenable Nessus
added 2023/06/06 12:0 a.m., 23 views

Amazon Linux AMI : tar (ALAS-2023-1755)

The version of tar installed on the remote host is prior to 1.26-31.24. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1755 advisory. pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed...

CVSS 7.5, AI score 6.5, EPSS 0.004
Exploits 0, References 4

OpenVAS
added 2023/04/04 12:0 a.m., 33 views

phpMyFAQ < 3.1.12 Multiple Vulnerabilities

phpMyFAQ is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpmyfaq:phpmyfaq"; if description...

CVSS 9.8, AI score 7.5, EPSS 0.14326
Exploits 19, References 19

Circl
added 2023/03/31 7:21 a.m., 1 view

CVE-2023-1755

creationtimestamp | type | source
---|---|---
2023-03-31 07:21:57+00:00 | seen | https://t.me/cibsecurity/61233...

CVSS 8.4, AI score 6.5, EPSS 0.00435
Exploits 1, References 1

Vulnrichment
added 2023/03/31 12:0 a.m., 6 views

CVE-2023-1755 Cross-site Scripting (XSS) - Generic in thorsten/phpmyfaq

Cross-site Scripting (XSS) - Generic in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

CVSS 8.4, AI score 5.3, EPSS 0.00435
Exploits 1, References 2

CVE
added 2023/03/31 12:0 a.m., 74 views

CVE-2023-1755

CVE-2023-1755 : A cross-site scripting (XSS) vulnerability exists in the thorsten/phpmyfaq GitHub repository, affecting versions prior to 3.1.12. The issue is described across multiple sources (NVD, OSV, GHSA, CNNVD, PT-Security) as a generic XSS in phpMyFAQ before 3.1.12. The remediation stated ...

CVSS 8.4, AI score 5.6, EPSS 0.00435
Exploits 1, References 2, Affected Software 1

Cvelist
added 2023/03/31 12:0 a.m., 20 views

CVE-2023-1755 Cross-site Scripting (XSS) - Generic in thorsten/phpmyfaq

Cross-site Scripting (XSS) - Generic in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

CVSS 8.4, AI score 5.9, EPSS 0.00435
Exploits 1, References 2

Circl
added 2022/09/26 4:21 p.m., 1 view

CVE-2022-1755

creationtimestamp | type | source
---|---|---
2022-09-26 16:21:47+00:00 | seen | https://t.me/cibsecurity/50467
2025-05-21 19:42:49+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/17179...

CVSS 5.4, AI score 5.5, EPSS 0.00209
Exploits 1, References 2

NVD
added 2022/09/26 1:15 p.m., 10 views

CVE-2022-1755

The SVG Support WordPress plugin before 2.5 does not properly handle SVG added via a URL, which could allow users with a role as low as author to perform Cross-Site Scripting attacks...

CVSS 5.4, EPSS 0.00209
Exploits 1, References 1

CVE
added 2022/09/26 12:35 p.m., 63 views

CVE-2022-1755

The CVE-2022-1755 issue affects the WordPress SVG Support plugin prior to version 2.5. The vulnerability arises from improper handling of SVGs added via a URL, enabling Cross-Site Scripting (XSS). The CVSS data indicates a MEDIUM severity (5.4) with network attack vector, low attack complexity, a...

CVSS 5.4, AI score 5.3, EPSS 0.00209
Exploits 1, References 1, Affected Software 1