MAL-2025-35726 Malicious code in test-mlw2-lured-moops (npm)

The package test-mlw2-lured-moops was found to contain malicious code...

CVE-2024-35726

Missing Authorization vulnerability in ThemeKraft WooBuddy.This issue affects WooBuddy: from n/a through 3.4.19...

CVE-2020-35726

Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the /WebCM/Applications/Reports/index.jsp file via the by parameter. NOTE: This vulnerability only affects products that are no longer supported by t...

CVE-2024-35726

Missing Authorization vulnerability in ThemeKraft WooBuddy.This issue affects WooBuddy: from n/a through 3.4.19...

CVE-2024-35726

Technical details for CVE-2024-35726 are not publicly provided in the supplied documents. Monitor for official advisories from vendors/security sources for affected products and remediation guidance.

CVE-2024-35726 WordPress WooBuddy plugin <= 3.4.19 - Broken Access Control vulnerability

Missing Authorization vulnerability in ThemeKraft WooBuddy.This issue affects WooBuddy: from n/a through 3.4.19...

CVE-2024-35726 WordPress WooBuddy plugin <= 3.4.19 - Broken Access Control vulnerability

Missing Authorization vulnerability in ThemeKraft WooBuddy.This issue affects WooBuddy: from n/a through 3.4.19...

WordPress WooBuddy Plugin <= 3.4.19 is vulnerable to Broken Access Control

Software WooBuddy Type Plugin Vulnerable versions = 3.4.19 Fixed in 3.4.20 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-35726 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID b375cf67af7c Credits Abdi Pranata Required privilege...

CVE-2023-35726

The CVE-2023-35726 issue affects D-Link DAP-2622 routers, originating in the DDP service. It is a stack-based buffer overflow caused by insufficient validation of user-supplied data length before copying to a fixed-size stack buffer. This allows network-adjacent attackers to execute arbitrary cod...

CVE-2022-35726

Broken Authentication vulnerability in yotuwp Video Gallery plugin = 1.3.4.5 at WordPress...

CVE-2022-35726

The CVE-2022-35726 entry concerns the yotuwp Video Gallery WordPress plugin, affected versions 1.3.4.5 and earlier, with a Broken Authentication vulnerability. Technical details across connected sources confirm the vulnerability lies in the plugin’s authentication mechanism, enabling unauthorized...

CVE-2020-35726

creationtimestamp| type| source ---|---|--- 2021-01-11 07:45:05+00:00| seen| https://t.me/cibsecurity/21883...

CVE-2020-35726

CVE-2020-35726 effects Quest Policy Authority version 8.1.2.200, with a reflected XSS vulnerability exploitable via a crafted link to /WebCM/Applications/Reports/index.jsp using the by parameter. Public references consistently describe the issue and note affected products are no longer supported....