CVE-2026-32587

Missing Authorization vulnerability in Saad Iqbal WP EasyPay wp-easy-pay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP EasyPay: from n/a through = 4.2.11...

CVE-2026-32587

Missing Authorization vulnerability in Saad Iqbal WP EasyPay wp-easy-pay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP EasyPay: from n/a through = 4.2.11...

WordPress WP EasyPay plugin <= 4.2.11 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin WP EasyPay versions = 4.2.11...

PT-2026-25764

Missing Authorization vulnerability in Saad Iqbal WP EasyPay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP EasyPay: from n/a through 4.2.11...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-django (UTSA-2026-000169)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000169 advisory. In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words method with html=True and the truncatewordshtml template...

CVE-2025-68983

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Greenmart greenmart allows PHP Local File Inclusion.This issue affects Greenmart: from n/a through = 4.2.11...

CVE-2025-68983

CVE-2025-68983 : In GreenMart WordPress Theme (

Linux Distros Unpatched Vulnerability : CVE-2018-16476

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Broken Access Control vulnerability in Active Job versions = 4.2.0 allows an attacker to craft user input which can cause Active Job to deserialize it using...

Linux Distros Unpatched Vulnerability : CVE-2023-47260

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS via thumbnails. CVE-2023-47260 Note that Nessus relies on the presence of the package as reported by the...

CVE-2023-47258

Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in a Markdown formatter...

Moodle < 4.1.14 Multiple Vulnerabilities

According to its self-reported version, the Moodle install hosted on the remote host is 4.1.x prior to 4.1.14, 4.2.x prior to 4.2.11, 4.3.x prior to 4.3.8, or 4.4.x prior to 4.4.4. It is, therefore, affected by multiple vulnerabilities. - An IDOR when fetching report schedules. - Some users can...

Fedora: Security Advisory (FEDORA-2025-04475838f9)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

WordPress plugin Slope Widgets 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

Improper Certificate Validation

Overview Affected versions of this package are vulnerable to Improper Certificate Validation due to improper certificate validation. An attacker can intercept secure communications by presenting a forged certificate. Remediation Upgrade github.com/mongodb/mongo-tools/common/options to version...

OPENSUSE-SU-2024:13887-1 python310-Django-4.2.11-2.1 on GA media

These are all security issues fixed in the python310-Django-4.2.11-2.1 package on the GA media of openSUSE Tumbleweed...

WordPress Random Banner plugin <= 4.2.11 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Rayhan Ramdhany Hanaputra Patchstack Alliance in WordPress Plugin Random Banner versions = 4.2.11...

PT-2024-29115 · WordPress · Cm Tooltip Glossary – Powerful Glossary Plugin

Name of the Vulnerable Software and Affected Versions: CM Tooltip Glossary – Powerful Glossary Plugin plugin for WordPress versions up to, and including, 4.2.11 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation when saving settings. This...

WordPress CM Tooltip Glossary plugin <= 4.2.11 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Benedictus Jovan in WordPress Plugin CM Tooltip Glossary versions = 4.2.11...

WordPress CM Tooltip Glossary Plugin <= 4.2.11 is vulnerable to Cross Site Request Forgery (CSRF)

Software CM Tooltip Glossary Type Plugin Vulnerable versions = 4.2.11 Fixed in 4.3.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-4086 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 099499e9a7ab Credits Benedictus Jova...

Moderate: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update

An update is now available for Red Hat Ansible Automation Platform 2.4 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...