CVE-2025-39477

Missing Authorization vulnerability in Sfwebservice InWave Jobs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects InWave Jobs: from n/a through 3.5.8...

CVE-2025-39477 WordPress InWave Jobs Plugin <= 3.5.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Sfwebservice InWave Jobs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects InWave Jobs: from n/a through 3.5.8...

CVE-2025-39477 WordPress InWave Jobs Plugin <= 3.5.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Sfwebservice InWave Jobs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects InWave Jobs: from n/a through 3.5.8...

PT-2026-1494

Name of the Vulnerable Software and Affected Versions InWave Jobs versions through 3.5.8 Description The Sfwebservice InWave Jobs software contains a missing authorization issue, allowing exploitation of incorrectly configured access control security levels. An unauthenticated attacker can execut...

WordPress Facebook for WooCommerce plugin <= 3.5.7 - Broken Access Control to Notice Dismissal vulnerability

Broken Access Control to Notice Dismissal vulnerability discovered by Legion Hunter in WordPress Plugin Facebook for WooCommerce versions = 3.5.7...

EUVD-2024-40056

Malicious code in bioql PyPI...

openSUSE Security Advisory (SUSE-SU-2025:03285-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-54056

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Responsive HTML5 Audio Player PRO With Playlist lbg-audio2-html5 allows Reflected XSS.This issue affects Responsive HTML5 Audio Player PRO With Playlist: from n/a through = 3.5.8...

CVE-2025-54056

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Responsive HTML5 Audio Player PRO With Playlist lbg-audio2-html5 allows Reflected XSS.This issue affects Responsive HTML5 Audio Player PRO With Playlist: from n/a through = 3.5.8...

CVE-2025-54056 WordPress Responsive HTML5 Audio Player PRO With Playlist <= 3.5.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Responsive HTML5 Audio Player PRO With Playlist lbg-audio2-html5 allows Reflected XSS.This issue affects Responsive HTML5 Audio Player PRO With Playlist: from n/a through = 3.5.8...

CVE-2025-54056

CVE-2025-54056: Reflected XSS in LambertGroup Responsive HTML5 Audio Player PRO With Playlist due to improper input neutralization during page generation. Affected: WordPress plugin versions up to 3.5.8. Remediation: update to a version later than 3.5.8 (Patchstack/Red Hat/Wordfence references co...

CVE-2025-54056 WordPress Responsive HTML5 Audio Player PRO With Playlist <= 3.5.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Responsive HTML5 Audio Player PRO With Playlist allows Reflected XSS. This issue affects Responsive HTML5 Audio Player PRO With Playlist: from n/a through 3.5.8...

WordPress plugin Responsive HTML5 Audio Player PRO With Playlist 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

PT-2025-34018 · Lambertgroup · Lambertgroup Responsive Html5 Audio Player Pro With Playlist

Name of the Vulnerable Software and Affected Versions: LambertGroup Responsive HTML5 Audio Player PRO With Playlist versions through 3.5.8 Description: The software contains an Improper Neutralization of Input During Web Page Generation issue, which allows for Reflected Cross-site Scripting XSS...

CVE-2024-56223

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fahad Mahmood Gulri Slider gulri-slider allows Reflected XSS.This issue affects Gulri Slider: from n/a through = 3.5.8...

CVE-2024-56223

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fahad Mahmood Gulri Slider allows Reflected XSS.This issue affects Gulri Slider: from n/a through 3.5.8...

WordPress plugin Gulri Slider 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...

PT-2024-36758 · Unknown · Gulri Slider

Name of the Vulnerable Software and Affected Versions: Gulri Slider versions 3.5.8 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for reflected cross-site scripting XSS. This means an attacker can inject malicious scripts...

WordPress Gulri Slider plugin <= 3.5.8 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by thiennv Patchstack Alliance in WordPress Plugin Gulri Slider versions = 3.5.8...

Mastodon 2.5.0 < 3.5.8 LDAP injection

According to its self-reported version number, the version of Mastodon running on the remote host is 2.5.0 prior to 3.5.8 or 4.0.x prior to 4.0.4 or 4.1.x prior to 4.1.2. Therefore, it may be affected by a blind LDAP injection in login allows the attacker to leak arbitrary attributes from LDAP...