CVE-2026-1987

The Scheduler Widget plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 0.1.6. This is due to the schedulerwidgetajaxsaveevent function lacking proper authorization checks and ownership verification when updating events. This makes it...

CVE-2025-1987

creationtimestamp| type| source ---|---|--- 2025-06-21 21:47:03+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/19129 2025-06-22 01:57:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ls5xpxfior2s...

CVE-2025-1987 Stored XSS in Psono-Client via Malicious Vault Entry URLs

A Cross-Site Scripting XSS vulnerability has been identified in Psono-Client’s handling of vault entries of type websitepassword and bookmark, as used in Bitdefender SecurePass. The client does not properly sanitize the URL field in these entries. As a result, an attacker can craft a malicious...

CVE-2002-1987

Directory traversal vulnerability in viewsource.jsp in Resin 2.1.2 allows remote attackers to read arbitrary files via a "\.." backslash dot dot...

Linux Distros Unpatched Vulnerability : CVE-2013-1987

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple integer overflows in X.org libXrender 0.9.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors...

Retrieving Deleted Files on the Commodore C64 in 1987

When I was a sophomore in high school, from 1987 to 1988, my friend Paul and I had Commodore C64 computers. There was a new graphical user interface called GEOS that had transformed the way we interacted with our computers. We used the C64 to play games but also write papers for school. One day...

CVE-2024-1987

creationtimestamp| type| source ---|---|--- 2024-03-08 07:26:52+00:00| seen| https://t.me/ctinow/203090 2024-03-08 07:26:55+00:00| seen| https://t.me/ctinow/203093...

CVE-2024-1987

The WP-Members Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 3.4.9.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-1987 WP-Members Membership Plugin <= 3.4.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The WP-Members Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 3.4.9.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-1987

CVE-2024-1987 — WP-Members Membership Plugin (WordPress) is a stored XSS vulnerability in the plugin’s shortcode attributes, affecting all versions up to 3.4.9.1. The root cause is insufficient input sanitization and output escaping on user-supplied attributes, allowing authenticated attackers wi...

WordPress WP-Members Plugin <= 3.4.9.1 is vulnerable to Cross Site Scripting (XSS)

Software WP-Members Type Plugin Vulnerable versions = 3.4.9.1 Fixed in 3.4.9.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1987 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID cb743b727613 Credits Sh Required privilege...

Oracle Linux 7 : kernel (ELSA-2023-1987)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-1987 advisory. - debug: lock down kgdb Orabug: 34270798 CVE-2022-21499 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...

RHEL 7 : kernel (RHSA-2023:1987)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1987 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: memory corruption in usbmon driver...

CVE-2023-1987

creationtimestamp| type| source ---|---|--- 2023-04-11 22:28:41+00:00| seen| https://t.me/cibsecurity/61912...

CVE-2023-1987

CVE-2023-1987 affects SourceCodester Online Computer and Laptop Store v1.0. The vulnerability resides in the update_order_status functionality (file /classes/Master.php?f=update_order_status) where the id parameter is not properly validated, enabling SQL injection. Exploitation can be performed r...

Amazon Linux 2 : kernel, --advisory ALAS2-2023-1987 (ALAS-2023-1987)

The version of kernel installed on the remote host is prior to 4.14.309-231.529. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1987 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sched: fix memory leak in tcindexsetparms...

Ubuntu: Security Advisory (USN-1987-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-1987

creationtimestamp| type| source ---|---|--- 2022-06-03 12:26:20+00:00| seen| https://t.me/cibsecurity/43792...

DEBIAN-CVE-2022-1987

Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11...

CVE-2022-1987

Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11...