160 matches found
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: rubygem-rack (UTSA-2026-005939)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005939 advisory. Rack is a modular Ruby web server interface. The Rack::Sendfile middleware logs unsanitised header values from the X-Sendfile-Type header. An attacker can exploit th...
CVE-2026-25363
Missing Authorization vulnerability in FooPlugins FooGallery foogallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FooGallery: from n/a through = 3.1.11...
CVE-2026-25362
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FooPlugins FooGallery foogallery allows Stored XSS.This issue affects FooGallery: from n/a through = 3.1.11...
CVE-2026-25362
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FooPlugins FooGallery foogallery allows Stored XSS.This issue affects FooGallery: from n/a through = 3.1.11...
CVE-2026-25363
Missing Authorization vulnerability in FooPlugins FooGallery foogallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FooGallery: from n/a through = 3.1.11...
CVE-2026-25363 WordPress FooGallery plugin <= 3.1.11 - Broken Access Control vulnerability
Missing Authorization vulnerability in FooPlugins FooGallery foogallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FooGallery: from n/a through = 3.1.11...
CVE-2026-25363
Missing Authorization vulnerability in FooPlugins FooGallery foogallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FooGallery: from n/a through = 3.1.11...
CVE-2026-25363
CVE-2026-25363 affects WordPress FooGallery plugin
CVE-2026-25362
CVE-2026-25362 describes a stored XSS in the FooGallery plugin for WordPress (FooGallery
CVE-2026-25362
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FooPlugins FooGallery foogallery allows Stored XSS.This issue affects FooGallery: from n/a through = 3.1.11...
CVE-2026-25362 WordPress FooGallery plugin <= 3.1.11 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FooPlugins FooGallery foogallery allows Stored XSS.This issue affects FooGallery: from n/a through = 3.1.11...
CVE-2026-25362 WordPress FooGallery plugin <= 3.1.11 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FooPlugins FooGallery foogallery allows Stored XSS.This issue affects FooGallery: from n/a through = 3.1.11...
WordPress plugin FooGallery 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
PT-2026-20709
Missing Authorization vulnerability in FooPlugins FooGallery foogallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FooGallery: from n/a through = 3.1.11...
WordPress FooGallery plugin <= 3.1.11 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Steven Julian in WordPress Plugin FooGallery versions = 3.1.11...
CVE-2026-0554
The NotificationX plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'regenerate' and 'reset' REST API endpoints in all versions up to, and including, 3.1.11. This makes it possible for authenticated attackers, with Contributor-level...
CVE-2026-0554 NotificationX <= 3.1.11 - Missing Authorization to Authenticated (Contributor+) Analytics Reset
The NotificationX plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'regenerate' and 'reset' REST API endpoints in all versions up to, and including, 3.1.11. This makes it possible for authenticated attackers, with Contributor-level...
CVE-2026-0554
CVE-2026-0554 pertains to the NotificationX WordPress plugin (versions up to 3.1.11) and describes a missing capability check on the REST endpoints /wp-json/notificationx/v1/campaigns/{campaign_id}/regenerate and /wp-json/notificationx/v1/campaigns/{campaign_id}/reset. This allows authenticated u...
EUVD-2023-44793
Malicious code in bioql PyPI...
EUVD-2024-51984
Malicious code in bioql PyPI...