GP Premium <= 2.4.0 - Cross-Site Scripting

The GP Premium plugin for WordPress up to 2.4.0 is vulnerable to reflected XSS via the 'message' parameter in inc/verify.php lines 95-101, where a message passed with slactivation=false is URL-decoded and used unsanitized in addsettingserror, allowing XSS payloads to be reflected in admin notices...

@alivault/pico (>=0.1.0 <=0.1.2), @ardeora/start-devtools (>=1.0.0 <=1.0.1) +92 more potentially affected by unknown CVE via @tanstack/react-start-client (>=1.121.0-alpha.28 <=1.166.48)

@tanstack/react-start-client NPM version =1.121.0-alpha.28, =0.1.0, =1.0.0, =0.0.1, =0.5.2, =0.1.1, =0.0.4, =1.0.0, =0.2.0, =0.2.0, =0.1.1, =0.2.0, =0.2.0, =0.1.14, =0.1.0, =0.1.38 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-3469...

CVE-2026-3469

CVE-2026-3469 : A DoS vulnerability in the SonicWall Email Security appliance due to improper input validation. It can be triggered by a remote authenticated attacker who has admin privileges, causing the application to become unresponsive. Exploitation details, affected versions, and a mitigatio...

EUVD-2026-3469

Not used...

CVE-2022-3469

The WP Attachments WordPress plugin before 5.0.5 does not sanitize and escapes some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example, in multisite setup...

CVE-2022-3469

creationtimestamp| type| source ---|---|--- 2025-05-05 16:19:55+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/14904...

MediaWiki < 1.39.12, 1.40.x < 1.42.6, 1.43.x < 1.43.1 Multiple Vulnerabilities - Linux

MediaWiki is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mediawiki:mediawiki"; ifdescripti...

CVE-2025-3469

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLMultiSelectField.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6,...

CVE-2025-3469

creationtimestamp| type| source ---|---|--- 2025-04-10 21:43:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmihwct7ws24 2025-04-10 23:43:16+00:00| seen| https://t.me/cvedetector/22680 2025-04-13 15:06:08+00:00| seen|...

CVE-2025-3469

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLMultiSelectField.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6,...

CVE-2025-3469

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLMultiSelectField.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6,...

CVE-2025-3469 i18n XSS vulnerability in HTMLMultiSelectField when sections are used

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLMultiSelectField.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6,...

CVE-2025-3469

MediaWiki (Wikimedia Foundation) is affected by CVE-2025-3469 due to improper neutralization of input in HTMLMultiSelectField.Php, impacting versions before 1.39.12, 1.42.6 and 1.43.1. The issue enables Cross‑Site Scripting, potentially leading to information disclosure or privilege escalation. D...

CVE-2025-3469

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLMultiSelectField.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6,...

CVE-2025-3469 i18n XSS vulnerability in HTMLMultiSelectField when sections are used

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLMultiSelectField.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6,...

Linux Distros Unpatched Vulnerability : CVE-2014-3469

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The 1 asn1readvaluetype and 2 asn1readvalue functions in GNU Libtasn1 before 3.6 allows context- dependent attackers to cause a denial of service NULL pointer...

CVE-2024-3469 GP Premium <= 2.4.0 - Reflected Cross-Site Scripting

The GP Premium plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the message parameter in all versions up to, and including, 2.4.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web script...

CVE-2024-3469 GP Premium <= 2.4.0 - Reflected Cross-Site Scripting

The GP Premium plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the message parameter in all versions up to, and including, 2.4.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web script...

CVE-2024-3469

CVE-2024-3469 affects the GP Premium WordPress plugin up to version 2.4.0. A reflected XSS vulnerability exists in inc/verify.php (lines 95–101) where a message parameter is URL-decoded and used unsanitized in add_settings_error(), allowing reflected payloads in admin notices. The Nuclei template...

RHEL 4 : gnutls (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libtasn1: asn1getbitder can return negative bit length CVE-2014-3468 - libtasn1: asn1readvaluetype NULL...