
66 matches found

Vulnrichment
added 2026/01/18 10:10 p.m., 3 views

CVE-2026-23525 1panel App Store vulnerable to Cross-site Scripting

1Panel is an open-source, web-based control panel for Linux server management. A stored Cross-Site Scripting (XSS) vulnerability exists in the 1Panel App Store when viewing application details. Malicious scripts can execute in the context of the user’s browser, potentially compromising session data...

CVSS: 6.4, AI score: 6, EPSS: 0.00113
Exploits: 0, References: 1

Cvelist
added 2026/01/18 10:10 p.m., 16 views

CVE-2026-23525 1panel App Store vulnerable to Cross-site Scripting

1Panel is an open-source, web-based control panel for Linux server management. A stored Cross-Site Scripting (XSS) vulnerability exists in the 1Panel App Store when viewing application details. Malicious scripts can execute in the context of the user’s browser, potentially compromising session data...

CVSS: 6.4, EPSS: 0.00113
Exploits: 0, References: 1

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2019-3245

Malware in sbrugna...

CVSS: 9.8, AI score: 9.2, EPSS: 0.00656
Exploits: 1, References: 3

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2024-29138

Malicious code in bioql PyPI...

CVSS: 5.3, AI score: 8.8, EPSS: 0.00166
Exploits: 0, References: 1

Tenable Nessus
added 2025/09/10 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2020-26870

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a...

CVSS: 6.1, AI score: 6.7, EPSS: 0.00417
Exploits: 1, References: 2

RedhatCVE
added 2025/05/23 9:45 a.m., 1 views

CVE-2024-25249

An issue in He3 App for macOS version 2.0.17, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings...

CVSS: 9.8, AI score: 8, EPSS: 0.02401
Exploits: 0, References: 1

NVD
added 2025/03/27 11:15 a.m., 4 views

CVE-2025-30818

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mlaza jAlbum Bridge jalbum-bridge allows DOM-Based XSS. This issue affects jAlbum Bridge: from n/a through <= 2.0.17...

CVSS: 6.5, EPSS: 0.00532
Exploits: 0, References: 1

Cvelist
added 2025/03/27 10:55 a.m., 12 views

CVE-2025-30818 WordPress jAlbum Bridge plugin <= 2.0.17 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mlaza jAlbum Bridge jalbum-bridge allows DOM-Based XSS. This issue affects jAlbum Bridge: from n/a through <= 2.0.17...

CVSS: 6.5, EPSS: 0.00532
Exploits: 0, References: 1

CNNVD
added 2024/06/11 12:0 a.m., 1 views

WordPress plugin Radcliffe security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plug-in. A security...

CVSS: 5.3, AI score: 6.8, EPSS: 0.00206
Exploits: 0, References: 3

OSV
added 2024/06/09 12:15 p.m., 0 views

CVE-2024-31243

Missing Authorization vulnerability in Bricksforge. This issue affects Bricksforge: from n/a through 2.0.17...

CVSS: 7.5, AI score: 7.3, EPSS: 0.0027
Exploits: 0, References: 1

OSV
added 2024/06/09 12:15 p.m., 0 views

CVE-2024-31244

Missing Authorization vulnerability in Bricksforge. This issue affects Bricksforge: from n/a through 2.0.17...

CVSS: 7.5, AI score: 7.3, EPSS: 0.00353
Exploits: 0, References: 1

Positive Technologies
added 2024/06/09 12:0 a.m., 1 views

PT-2024-23885 · Unknown · Bricksforge

Name of the Vulnerable Software and Affected Versions: Bricksforge versions from n/a through 2.0.17. Description: The issue is related to a Missing Authorization vulnerability in Bricksforge. This vulnerability could potentially impact systems using the affected versions. Recommendations: For...

CVSS: 7.5, AI score: 9.3, EPSS: 0.0027
Exploits: 0, References: 8

CNNVD
added 2024/06/09 12:0 a.m., 2 views

WordPress plugin Bricksforge security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...

CVSS: 9.8, AI score: 6.7, EPSS: 0.00353
Exploits: 0, References: 2

CNNVD
added 2024/06/09 12:0 a.m., 0 views

WordPress plugin Bricksforge security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...

CVSS: 7.5, AI score: 6.7, EPSS: 0.0027
Exploits: 0, References: 2

Positive Technologies
added 2024/06/09 12:0 a.m., 4 views

PT-2024-23886 · Unknown · Bricksforge

Name of the Vulnerable Software and Affected Versions: Bricksforge versions n/a through 2.0.17. Description: The issue is related to a Missing Authorization vulnerability in Bricksforge. This vulnerability affects Bricksforge versions from n/a through 2.0.17. Recommendations: For versions n/a...

CVSS: 9.8, AI score: 9.3, EPSS: 0.00353
Exploits: 0, References: 9

Patchstack
added 2024/06/06 9:17 a.m., 1 views

WordPress Radcliffe 2 theme <= 2.0.17 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad (Patchstack) in WordPress Theme Radcliffe 2 versions <= 2.0.17...

CVSS: 5.3, AI score: 7, EPSS: 0.00206
Exploits: 0, Affected Software: 1

Patchstack
added 2024/06/06 12:0 a.m., 7 views

WordPress Radcliffe 2 Theme <= 2.0.17 is vulnerable to Broken Access Control

Software: Radcliffe 2; Type: Theme; Vulnerable versions: <= 2.0.17; Fixed in: 2.0.18; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-35685; Patch priority: Low; CVSS severity: Low (5.3); Developer: Claim ownership; PSID: 05f76e334556; Credits: Rafie Muhammad (Patchstack); Requir...

CVSS: 5.3, AI score: 6.6, EPSS: 0.00206
Exploits: 0, References: 1, Affected Software: 1

Patchstack
added 2024/05/17 12:0 a.m., 5 views

WordPress Post Grid Elementor Addon Plugin <= 2.0.16 is vulnerable to Cross Site Scripting (XSS)

Software: Post Grid Elementor Addon; Type: Plugin; Vulnerable versions: <= 2.0.16; Fixed in: 2.0.17; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-34789; Patch priority: Low; CVSS severity: Low (6.5); Developer: Claim ownership; PSID: a126fad23f02; Credits: 4rCanJ0x!; Required privile...

CVSS: 6.5, AI score: 6.6, EPSS: 0.00156
Exploits: 0, References: 2, Affected Software: 1

Positive Technologies
added 2024/04/10 12:0 a.m., 2 views

PT-2024-23884 · Unknown · Bricksforge

Name of the Vulnerable Software and Affected Versions: Bricksforge versions 2.0.17 and earlier. Description: A Missing Authorization issue has been identified. This issue affects the authorization mechanism, potentially allowing unauthorized access. Recommendations: For versions 2.0.17 and earlier...

CVSS: 5.3, AI score: 9.4, EPSS: 0.00166
Exploits: 0, References: 3

Patchstack
added 2024/04/05 5:28 a.m., 1 views

WordPress Bricksforge plugin <= 2.0.17 - Unauthenticated Arbitrary WordPress Setting Deletion vulnerability

Unauthenticated Arbitrary WordPress Setting Deletion vulnerability discovered by Dave Jong (Patchstack) in WordPress Plugin Bricksforge versions <= 2.0.17...

CVSS: 7.5, AI score: 7, EPSS: 0.0027
Exploits: 0, Affected Software: 1