CVE-2026-3072

The Media Library Assistant plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the mlaupdatecompatfieldsaction function in all versions up to, and including, 3.33. This makes it possible for authenticated attackers, with Subscriber-level...

CVE-2026-3072

creationtimestamp| type| source ---|---|--- 2026-03-05 06:04:16+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mgc4uho5rp27...

CVE-2024-55027

Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to stroe credentials in plaintext in the component uactemp.db...

EUVD-2022-4457

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-3072

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HashiCorp Nomad and Nomad Enterprise 0.7.0 up to 1.5.6 and 1.4.10 ACL policies using a block without a label generates unexpected results. Fixed in 1.6.0, 1.5.7...

Fedora 40 : chromium (2025-609ed3aaa7)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-609ed3aaa7 advisory. Update to 135.0.7049.52 High CVE-2025-3066: Use after free in Navigations Medium CVE-2025-3067: Inappropriate implementation in Custom Tabs Medium...

Fedora 41 : chromium (2025-98dd4c4639)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-98dd4c4639 advisory. Update to 135.0.7049.52 High CVE-2025-3066: Use after free in Navigations Medium CVE-2025-3067: Inappropriate implementation in Custom Tabs Medium...

Chromium: CVE-2025-3072 Inappropriate implementation in Custom Tabs

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2025-3072

creationtimestamp| type| source ---|---|--- 2025-04-02 03:01:22+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3llsfizn7in2h 2025-04-02 04:07:02+00:00| seen| https://t.me/cvedetector/21834 2025-04-08 16:14:25+00:00| seen|...

CVE-2025-3072

Inappropriate implementation in Custom Tabs in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

DEBIAN-CVE-2025-3072

Inappropriate implementation in Custom Tabs in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

CVE-2025-3072

Inappropriate implementation in Custom Tabs in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

CVE-2025-3072

Inappropriate implementation in Custom Tabs in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

CVE-2025-3072

CVE-2025-3072 describes an improper implementation in Google Chrome’s Custom Tabs prior to 135.0.7049.52, enabling a remote attacker to trigger UI spoofing via a crafted HTML page after user engagement with specific UI gestures. Affected component: Custom Tabs in Chrome/Chromium. Impact per sourc...

CVE-2025-3072

Inappropriate implementation in Custom Tabs in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

CVE-2021-3072

Technical details for CVE-2021-3072 are not publicly available in the provided documents. Monitor for updates when more information is disclosed by the reporting party or vendors.

WordPress ACF Front End Editor Plugin <= 2.0.2 is vulnerable to Broken Access Control

Software ACF Front End Editor Type Plugin Vulnerable versions = 2.0.2 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3072 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 5c576884eef4 Credits Francesco Carlucci Required...

CVE-2023-4832

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aceka Company Management allows SQL Injection.This issue affects Company Management: before 3072...

Aceka Company Management SQL Injection Vulnerability

Aceka Company Management is a company management software from Aceka. Aceka Company Management versions prior to 3072 are vulnerable to a SQL injection vulnerability that stems from the presence of a SQL injection vulnerability...

Oracle Linux 6 : squid (ELSA-2011-0545)

The remote Oracle Linux 6 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2011-0545 advisory. 3.1.10-1 - Resolves: 639365 - Rebase squid to version 3.1.10 - Resolves: 666533 - small memleak in squid-3.1.4 Tenable has extracted the preceding description...