CVE-2026-39655

creationtimestamp| type| source ---|---|--- 2026-05-26 11:14:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmqugoyfqo2k...

CVE-2026-39655

CVE-2026-39655 applies to WordPress Mayosis Core plugin, affected through version 5.4.7. The issue is described as a Missing Authorization (Broken Access Control) vulnerability in TeconceTheme Mayosis Core, allowing exploitation due to incorrectly configured access control security levels. CVSS v...

MAL-2025-39655 Malicious code in xenon-l0n7z-itbi2-quartz-project (npm)

The package xenon-l0n7z-itbi2-quartz-project was found to contain malicious code...

CVE-2021-39655

Product: AndroidVersions: Android kernelAndroid ID: A-192641593References: N/A...

CVE-2024-39655

creationtimestamp| type| source ---|---|--- 2024-08-02 00:38:16+00:00| seen| https://t.me/cvedetector/2303...

CVE-2024-39655

LiquidPoll – Advanced Polls for Creators and Brands (WP plugin) contains an unauthenticated XSS in versions up to 3.3.77; the issue is caused by improper neutralization of input during web page generation. Publicly documented impact is cross-site scripting, affecting affected sites that run the p...

CVE-2024-39655 WordPress LiquidPoll plugin <= 3.3.77 - Unauthenticated Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in LiquidPoll LiquidPoll – Advanced Polls for Creators and Brands.This issue affects LiquidPoll – Advanced Polls for Creators and Brands: from n/a through 3.3.77...

WordPress LiquidPoll – Advanced Polls for Creators and Brands Plugin <= 3.3.77 is vulnerable to Cross Site Scripting (XSS)

Software LiquidPoll – Advanced Polls for Creators and Brands Type Plugin Vulnerable versions = 3.3.77 Fixed in 3.3.78 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-39655 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID a190a4c0c44f...

CVE-2023-39655

creationtimestamp| type| source ---|---|--- 2024-01-03 14:26:30+00:00| seen| https://t.me/ctinow/162373 2024-01-04 01:35:39+00:00| seen| https://t.me/cibsecurity/74317 2024-01-23 17:26:50+00:00| seen| https://t.me/ctinow/172148 2025-06-18 15:42:57+00:00| published-proof-of-concept|...

CVE-2023-39655

A host header injection vulnerability exists in the NPM package @perfood/couch-auth versions = 0.20.0. By sending a specially crafted host header in the forgot password request, it is possible to send password reset links to users which, once clicked, lead to an attacker-controlled server and thu...

CVE-2023-39655

A host header injection vulnerability exists in the NPM package @perfood/couch-auth versions = 0.20.0. By sending a specially crafted host header in the forgot password request, it is possible to send password reset links to users which, once clicked, lead to an attacker-controlled server and thu...

CVE-2021-39655

creationtimestamp| type| source ---|---|--- 2021-12-15 22:47:12+00:00| seen| https://t.me/cibsecurity/34109...

CVE-2021-39655

Product: AndroidVersions: Android kernelAndroid ID: A-192641593References: N/A...

CVE-2021-39655

CVE-2021-39655 is listed in Pixel bulletin as an Elevation of Privilege in the Android kernel (Kernel component) affecting Pixel devices, with a high-severity CVSS in NVD (Critical in 3.1). The connected Pixel bulletin entry confirms the issue is categorized under Kernel with EoP impact, but the ...