CVE-2025-27723

Use after free for some Linux kernel driver for the IntelR Ethernet 800 series before version 2.3.14 within Ring 0: Kernel may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may...

CVE-2025-27723

The CVE-2025-27723 entry describes a use-after-free in the Linux kernel driver for Intel Ethernet 800 series, prior to version 2.3.14. The issue affects the Ring 0 kernel path and can allow a denial-of-service condition with high impact to availability. Exploitation requires a local, authenticate...

Intel® 800 Series Ethernet Linux Driver Advisory

Summary: A potential security vulnerability for some Intel® 800 Series Ethernet Linux Driver may allow denial of service. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-27723 Description: Use after free for some Linux kernel...

CVE-2025-53421

Missing Authorization vulnerability in PickPlugins Accordion accordions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accordion: from n/a through = 2.3.14...

CVE-2025-53421

CVE-2025-53421 concerns a Missing Authorization vulnerability in the WordPress plugin Accordion (PickPlugins Accordion) affecting versions through 2.3.14. The flaw allows exploitation of misconfigured access control security levels without user interaction, with a CVSS v3.1 base score of 6.3 (Net...

PT-2025-43260

Name of the Vulnerable Software and Affected Versions PickPlugins Accordion versions through 2.3.14 Description A missing authorization issue exists in PickPlugins Accordion accordions, allowing exploitation of incorrectly configured access control security levels. Recommendations Versions prior ...

EUVD-2025-30521

Malicious code in bioql PyPI...

CVE-2025-58222

Missing Authorization vulnerability in Maidul Team Manager wp-team-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Team Manager: from n/a through = 2.5.1...

CVE-2025-58678

Missing Authorization vulnerability in PickPlugins Accordion accordions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accordion: from n/a through = 2.3.15...

CVE-2025-58222

CVE-2025-58222 describes a Missing Authorization vulnerability in the WordPress Team Manager plugin (Maidul Team Manager), affecting Team Manager versions up to 2.3.14 per the initial description and up to 2.3.16 per Wordfence vulnerability listings. The CVSS 3.1 vector indicates a Medium impact ...

CVE-2025-58678

CVE-2025-58678 : Missing Authorization vulnerability in the PickPlugins Accordion WordPress plugin affecting Accordion versions up to 2.3.15. The issue corresponds to Missing Authorization, implying improper access control. The connected WordPress vulnerability listing confirms the CVE and affect...

CVE-2025-58678 WordPress Accordion Plugin <= 2.3.15 - Broken Access Control Vulnerability

Missing Authorization vulnerability in PickPlugins Accordion accordions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accordion: from n/a through = 2.3.15...

WordPress plugin Team Manager 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A security...

WordPress Accordion plugin <= 2.3.14 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Abu Hurayra in WordPress Plugin Accordion versions = 2.3.14...

WordPress Events Calendar for GeoDirectory plugin <= 2.3.14 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao KhanhVCI - VNPT in WordPress Plugin Events Calendar for GeoDirectory versions = 2.3.14...

WordPress Events Made Easy Plugin <= 2.3.14 is vulnerable to SQL Injection

Software Events Made Easy Type Plugin Vulnerable versions = 2.3.14 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-28660 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID b6f80ca22af2 Credits Joshua Martinelle Tenable Research Required...

CVE-2023-28660

The Events Made Easy WordPress Plugin, version = 2.3.14 is affected by an authenticated SQL injection vulnerability in the 'searchname' parameter in the emerecurrenceslist action...

WordPress Plugin Events Made Easy SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...

PT-2023-21882 · WordPress · Events Made Easy Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: Events Made Easy WordPress Plugin version = 2.3.14 Description: The issue is an authenticated SQL injection vulnerability. It affects the search name parameter in the eme recurrences list action. Recommendations: For Events Made Easy WordPres...

PT-2021-4477 · Unknown · Vpn-User-Portal

Name of the Vulnerable Software and Affected Versions: vpn-user-portal versions prior to 2.3.14 Description: The issue arises from insufficient input validation in the vpn-user-portal software, allowing remote authenticated users to obtain OS filesystem access due to the interaction of QR codes...