CVE-2015-4335

creationtimestamp| type| source ---|---|--- 2026-04-02 01:39:34+00:00| seen| https://gist.github.com/1191448/946f0101cc66a8dc8eec649ea42cf1c9...

CVE-2026-4335

creationtimestamp| type| source ---|---|--- 2026-03-26 06:06:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhwwqyknpp2d...

CVE-2026-4335

The ShortPixel Image Optimizer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the attachment posttitle in all versions up to, and including, 6.4.3. This is due to insufficient output escaping in the getEditorPopup function and its corresponding media-popup.php template...

EUVD-2026-4335

Missing Authorization vulnerability in PopCash PopCash.Net Code Integration Tool popcashnet-code-integration-tool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PopCash.Net Code Integration Tool: from n/a through = 1.8...

CVE-2014-4335

Multiple cross-site scripting XSS vulnerabilities in BarracudaDrive 6.7.2 allow remote attackers to inject arbitrary web script or HTML via the 1 host or 2 password parameter to rtl/protected/admin/ddns/...

CVE-2018-4335

A validation issue was addressed with improved input sanitization. This issue affected versions prior to iOS 12...

DLA-4335-1 firefox-esr - security update

Bulletin has no description...

CVE-2022-4335

A blind SSRF vulnerability was identified in all versions of GitLab EE prior to 15.4.6, 15.5 prior to 15.5.5, and 15.6 prior to 15.6.1 which allows an attacker to connect to a local host...

CVE-2025-4335

creationtimestamp| type| source ---|---|--- 2025-05-07 02:21:37+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/15244 2025-05-07 04:26:16+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lokkl3lpu62h 2025-05-07 05:31:29+00:00| seen|...

WordPress Woocommerce Multiple Addresses plugin <= 1.0.7.1 - Authenticated (Subscriber+) Privilege Escalation vulnerability

Authenticated Subscriber+ Privilege Escalation vulnerability discovered by Chuck in WordPress Plugin Woocommerce Multiple Addresses versions = 1.0.7.1...

Linux Distros Unpatched Vulnerability : CVE-2006-4335

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Array index error in the maketable function in unlzh.c in the LZH decompression component in gzip 1.3.5, when running on certain platforms, allows...

RHEL 7 : redis security advisory (Moderate) (RHSA-2015:1676)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2015:1676 advisory. Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sort...

Moderate: Red Hat Security Advisory: security update Logging for Red Hat OpenShift - 5.8.9

Moderate -- Logging for Red Hat OpenShift - 5.8.9 Logging for Red Hat OpenShift - 5.8.9 golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses CVE-2024-24790...

CVE-2024-4335

CVE-2024-4335: The Rank Math SEO with AI Best SEO Tools WordPress plugin is susceptible to a Stored Cross-Site Scripting (XSS) via the textAlign parameter in versions up to and including 1.0.217. This requires authenticated access at contributor level or higher and can let an attacker inject scri...

CVE-2024-4335 Rank Math SEO with AI Best SEO Tools <= 1.0.217 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Rank Math SEO with AI Best SEO Tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘textAlign’ parameter in versions up to, and including, 1.0.217 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

WordPress Rank Math SEO Plugin <= 1.0.217 is vulnerable to Cross Site Scripting (XSS)

Software Rank Math SEO Type Plugin Vulnerable versions = 1.0.217 Fixed in 1.0.218 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4335 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4aee3e89592a Credits wesley wcraft Required...

CVE-2019-4335

creationtimestamp| type| source ---|---|--- 2024-03-18 18:11:58+00:00| seen| https://t.me/ctinow/210811...

CVE-2021-4335

creationtimestamp| type| source ---|---|--- 2023-10-20 12:35:05+00:00| seen| https://t.me/cibsecurity/72648...

CVE-2021-4335 Fancy Product Designer <= 4.6.9 - Insufficient Authorization on Mulitple AJAX Actions

The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized access to data and modification of plugin settings due to a missing capability check on multiple AJAX functions in versions up to, and including, 4.6.9. This makes it possible for authenticated attackers with...

CVE-2021-4335

CVE-2021-4335 (Fancy Product Designer for WordPress) involves a broken access-control issue in versions up to 4.6.9 where multiple AJAX actions lack proper capability checks. This allows authenticated users with subscriber-level privileges to modify plugin settings, access arbitrary order informa...