CVE-2026-3604

creationtimestamp| type| source ---|---|--- 2026-05-13 02:33:05+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mlpbaeedeb2s...

CVE-2026-3604

The WP SEO Structured Data Schema plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the kcseoativetab parameter in all versions up to, and including, 2.8.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

EUVD-2017-7392

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2012-3604

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application cra...

CVE-2023-3604

The Change WP Admin Login WordPress plugin before 1.1.4 discloses the URL of the hidden login page when accessing a crafted URL, bypassing the protection offered...

CVE-2022-3604

The Contact Form Entries WordPress plugin before 1.3.0 does not validate data when its output in a CSV file, which could lead to CSV injection...

Exploit for Missing Authorization in Flynax Flynax_Bridge

🚨 Flynax Bridge CVE: CVE-2025-3604 CVSS: 9.8 Cri...

CVE-2025-3604

The Flynax Bridge plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.2.0. This is due to the plugin not properly validating a user's identity prior to updating their details like email. This makes it possible for unauthenticated...

CVE-2025-3604

creationtimestamp| type| source ---|---|--- 2025-04-24 09:12:19+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13205 2025-04-24 10:15:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnkhz7caij2t 2025-04-24 11:48:22+00:00| seen|...

CVE-2025-3604 Flynax Bridge <= 2.2.0 - Unauthenticated Privilege Escalation via Account Takeover

The Flynax Bridge plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.2.0. This is due to the plugin not properly validating a user's identity prior to updating their details like email. This makes it possible for unauthenticated...

WordPress Flynax Bridge plugin <= 2.2.0 - Unauthenticated Privilege Escalation via Account Takeover vulnerability

Unauthenticated Privilege Escalation via Account Takeover vulnerability discovered by kr0d in WordPress Plugin Flynax Bridge versions = 2.2.0...

Linux Distros Unpatched Vulnerability : CVE-2011-3604

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The processra function in the router advertisement daemon radvd before 1.8.2 allows remote attackers to cause a denial of service stack-based buffer over-read a...

CVE-2024-3604

creationtimestamp| type| source ---|---|--- 2024-07-09 11:50:11+00:00| seen| https://t.me/cvedetector/295...

CVE-2024-3604

The OSM – OpenStreetMap plugin for WordPress is vulnerable to SQL Injection via the 'taggedfilter' attribute of the 'osmmapv3' shortcode in all versions up to, and including, 6.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...

CVE-2024-3604 OSM – OpenStreetMap <= 6.0.3 - Authenticated (Contributor+) SQL Injection

The OSM – OpenStreetMap plugin for WordPress is vulnerable to SQL Injection via the 'taggedfilter' attribute of the 'osmmapv3' shortcode in all versions up to, and including, 6.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...

CVE-2024-3604

CVE-2024-3604 affects the OSM – OpenStreetMap WordPress plugin. The Red Hat advisory confirms an authenticated SQL Injection via the 'tagged_filter' parameter of the 'osm_map_v3' shortcode, affecting all versions up to 6.0.2. The vulnerability arises from insufficient escaping of user input and l...

WordPress OSM – OpenStreetMap Plugin <= 6.0.3 is vulnerable to SQL Injection

Software OSM – OpenStreetMap Type Plugin Vulnerable versions = 6.0.3 Fixed in 6.0.4 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-3604 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID c1b5cb216f5c Credits Krzysztof Zając Required privilege Contributor...

CBL Mariner 2.0 Security Update: libdb (CVE-2017-3604)

The version of libdb installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2017-3604 advisory. - Vulnerability in the Data Store component of Oracle Berkeley DB. The supported version that is affected is Pri...

CVE-2017-3604 affecting package libdb for versions less than 5.3.28-7

CVE-2017-3604 affecting package libdb for versions less than 5.3.28-7. A patched version of the package is available...

Malicious code in wlwz-2312-3604 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 64c17b6b3a08b044623d142e5cafa5f1b314f932182852e40fb6878b666be416 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...