369 matches found
CVE-2026-22402 WordPress Triply theme <= 2.4.7 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in pavothemes Triply triply allows PHP Local File Inclusion.This issue affects Triply: from n/a through = 2.4.7...
CVE-2026-22402
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in pavothemes Triply triply allows PHP Local File Inclusion.This issue affects Triply: from n/a through = 2.4.7...
CVE-2026-22402 WordPress Triply theme <= 2.4.7 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in pavothemes Triply triply allows PHP Local File Inclusion.This issue affects Triply: from n/a through = 2.4.7...
MiracleLinux 7 : cups-1.6.3-52.0.1.el7.AXS7 (AXSA:2024-8620:07)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8620:07 advisory. CVE-2023-4504: scanps: check for null terminator after backslash character CVEs: CVE-2023-4504 Due to failure in validating the length provided by an...
MiracleLinux 3 : freetype-2.2.1-28.1.0.2.AXS3 (AXSA:2011-339:01)
The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-339:01 advisory. The FreeType engine is a free and portable font rendering engine, developed to provide advanced font support for a variety of platforms and environments...
CVE-2022-27238
BigBlueButton version 2.4.7 or earlier is vulnerable to stored Cross-Site Scripting XSS in the private chat functionality. A threat actor could inject JavaScript payload in his/her username. The payload gets executed in the browser of the victim each time the attacker sends a private message to t...
WordPress JetBlog plugin <= 2.4.7 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Bonds in WordPress Plugin JetBlog versions = 2.4.7...
EUVD-2025-205654
Missing Authorization vulnerability in Crocoblock JetBlog allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetBlog: from n/a through 2.4.7...
CVE-2025-68503
Technical details about CVE-2025-68503 (JetBlog missing authorization) are not publicly provided in the supplied documents. Monitor for updates and official advisories.
CVE-2025-68503 WordPress JetBlog plugin <= 2.4.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in Crocoblock JetBlog jet-blog allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetBlog: from n/a through = 2.4.7...
PT-2025-53795
Name of the Vulnerable Software and Affected Versions Crocoblock JetBlog versions through 2.4.7 Description An authorization issue exists in Crocoblock JetBlog, allowing exploitation of incorrectly configured access control security levels. This can lead to unauthorized access. Recommendations...
AZL-71528 CVE-2025-66200 affecting package httpd for versions less than 2.4.66-1
moduserdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader directive in htaccess can cause some CGI scripts to run under an unexpected userid. This issue affects Apache HTTP Server: from 2.4.7 through 2.4.65. Users are...
[SECURITY] Fedora 42 Update: fcgi-2.4.7-1.fc42
FastCGI is a language independent, scalable, open extension to CGI that provides high performance without the limitations of server specific APIs...
[SECURITY] Fedora 41 Update: fcgi-2.4.7-1.fc41
FastCGI is a language independent, scalable, open extension to CGI that provides high performance without the limitations of server specific APIs...
Apache HTTP Server 安全漏洞
Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. A code execution vulnerability exists in Apache HTTP Server versions 2.4.7 through 2.4.65, which can be exploited by an attacker t...
Fedora 42 : fcgi (2025-d7c1457e7e)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-d7c1457e7e advisory. 2.4.7 release, fixes CVE-2025-23016 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has no...
Apache HTTP Server 2.4.7 - 2.4.65 Authentication Bypass Vulnerability - Linux
Apache HTTP Server is prone to an authentication bypass vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Retro 跨站脚本漏洞
Retro is an online platform for displaying vintage style items by the individual developer Lakshmi Pavananjali. A cross-site scripting vulnerability exists in Retro versions prior to 2.4.7, which stems from the input processing component being susceptible to cross-site scripting attacks...
WordPress Restaurant Menu by MotoPress plugin <= 2.4.7 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by daroo in WordPress Plugin Restaurant Menu by MotoPress versions = 2.4.7...
PT-2025-45546
Name of the Vulnerable Software and Affected Versions WP2Social Auto Publish versions through 2.4.7 Description The WP2Social Auto Publish plugin for WordPress is susceptible to Reflected Cross-Site Scripting via PostMessage due to inadequate input sanitization and output escaping. This allows...