CVE-2026-32506 WordPress Archicon theme < 1.7 - Arbitrary Object Instantiation vulnerability

Deserialization of Untrusted Data vulnerability in Edge-Themes Archicon archicon allows Object Injection.This issue affects Archicon: from n/a through 1.7...

CVE-2025-32506

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BenDlz AT Internet SmartTag at-internet allows Reflected XSS.This issue affects AT Internet SmartTag: from n/a through = 0.2...

CVE-2025-32506

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BenDlz AT Internet SmartTag at-internet allows Reflected XSS.This issue affects AT Internet SmartTag: from n/a through = 0.2...

CVE-2025-32506

CVE-2025-32506 describes a Reflected XSS in the WordPress plugin AT Internet SmartTag (AT Internet SmartTag) with affected version range shown as from n/a through 0.2. The vulnerability is due to improper neutralization of input during web page generation. NVD metrics cite CVSSv3.1 base score 7.1...

CVE-2023-32506

creationtimestamp| type| source ---|---|--- 2024-12-13 15:59:19+00:00| seen| https://infosec.exchange/users/cve/statuses/113646341929324061...

CVE-2023-32506

Missing Authorization vulnerability in Link Whisper Link Whisper Free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Link Whisper Free: from n/a through 0.6.3...

CVE-2023-32506 WordPress Link Whisper Free plugin <= 0.6.3 - Unauthenticated Broken Access Control vulnerability

Missing Authorization vulnerability in Link Whisper Link Whisper Free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Link Whisper Free: from n/a through 0.6.3...

CVE-2023-32506

CVE-2023-32506 is a real, publicly documented vulnerability affecting the WordPress plugin Link Whisper Free (versions

CVE-2022-32506

An issue was discovered on certain Nuki Home Solutions devices. An attacker with physical access to the circuit board could use the SWD debug features to control the execution of code on the processor and debug the firmware, as well as read or alter the content of the internal and external flash...

CVE-2024-32506

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SoftLab Radio Player.This issue affects Radio Player: from n/a through 2.0.73...

CVE-2024-32506

Public details for CVE-2024-32506 are not provided in the connected documents. Technical specifics (affected plugin/version, root cause, exploitability) are not disclosed here. Monitor for updates from vendors/security advisories.

CVE-2024-32506 WordPress Radio Player plugin <= 2.0.73 - Sensitive Data Exposure vulnerability

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SoftLab Radio Player.This issue affects Radio Player: from n/a through 2.0.73...

WordPress Radio Player Plugin <= 2.0.73 is vulnerable to Sensitive Data Exposure

Software Radio Player Type Plugin Vulnerable versions = 2.0.73 Fixed in 2.0.74 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-32506 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 4e6e2407c28d Credits Steven Julian Required...

CVE-2021-32506

Absolute Path Traversal vulnerability in GetImage in QSAN Storage Manager allows remote authenticated attackers download arbitrary files via the Url path parameter. The referred vulnerability has been solved with the updated version of QSAN Storage Manager v3.3.3...

CVE-2021-32506 QSAN Storage Manager - Absolute Path Traversal via GetImage function

Absolute Path Traversal vulnerability in GetImage in QSAN Storage Manager allows remote authenticated attackers download arbitrary files via the Url path parameter. The referred vulnerability has been solved with the updated version of QSAN Storage Manager v3.3.3...

CVE-2021-32506

The CVE-2021-32506 entry concerns QSAN Storage Manager (QSAN Storage Manager NAS OS). A path traversal vulnerability exists in the GetImage function that does not validate the URL path parameter, enabling remote authenticated attackers to download arbitrary files. The issue is mitigated by updati...