5 matches found
EUVD-2026-39382
Subscriber PHP Object Injection in EventPrime <= 4.3.4.1 versions...
PT-2026-52434
Name of the Vulnerable Software and Affected Versions: EventPrime versions prior to 4.3.4.2. Description: PHP Object Injection occurs when an application deserializes untrusted data, allowing an attacker to manipulate the object structure and potentially execute arbitrary code or perform unauthorize...
CVE-2021-24612 Sociable <= 4.3.4.1 - Admin+ Stored Cross-Site Scripting
The Sociable WordPress plugin through 4.3.4.1 does not sanitise or escape some of its settings before outputting them in the admin dashboard, allowing high privilege users to perform Cross-Site Scripting attacks against other users even when the unfiltered_html capability is disallowed...
WordPress Plugin Cross-Site Scripting Vulnerability
WordPress is a blogging platform from the WordPress Foundation, developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress Plugin is an open source application plugin for WordPress. A security vulnerability exists in Sociable...
Sociable <= 4.3.4.1 - Admin+ Stored Cross-Site Scripting
The plugin does not sanitise or escape some of its settings before outputting them in the admin dashboard, allowing high privilege users to perform Cross-Site Scripting attacks against other users even when the unfiltered_html capability is disallowed. Put the following payload in the "Background...