CVE-2026-4482

creationtimestamp| type| source ---|---|--- 2026-04-10 06:15:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mj4obkqv7v2q...

openSUSE Security Advisory (SUSE-SU-2025:4482-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-4482

The Carousel, Slider, Gallery by WP Carousel WordPress plugin before 2.5.3 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be...

CVE-2025-4482

A vulnerability classified as critical was found in Project Worlds Student Project Allocation System 1.0. Affected by this vulnerability is an unknown functionality of the file /changepass/forgotpasswordsql.php. The manipulation of the argument PatBloodGroup1 leads to sql injection. The attack ca...

CVE-2025-4482

CVE-2025-4482 affects Project Worlds Student Project Allocation System 1.0. The vulnerability is a SQL injection in the file /change_pass/forgot_password_sql.php, caused by the parameter Pat_BloodGroup1. It is exploitable remotely and has been disclosed publicly. Multiple connected sources corrob...

CVE-2025-4482 Project Worlds Student Project Allocation System forgot_password_sql.php sql injection

A vulnerability classified as critical was found in Project Worlds Student Project Allocation System 1.0. Affected by this vulnerability is an unknown functionality of the file /changepass/forgotpasswordsql.php. The manipulation of the argument PatBloodGroup1 leads to sql injection. The attack ca...

Linux Distros Unpatched Vulnerability : CVE-2016-4482

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The procconnectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users ...

CVE-2024-4482

CVE-2024-4482 : The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is affected by Stored Cross-Site Scripting via the Countdown widget. Root cause: insufficient input sanitization and output escaping on the user-supplied text_day...

CVE-2024-4482 The Plus Addons for Elementor <= 5.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget

The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Countdown' widget in all versions up to, and including, 5.6.1 due to insufficient input sanitization and output escaping...

WordPress The Plus Addons for Elementor Page Builder Lite Plugin <= 5.6.1 is vulnerable to Cross Site Scripting (XSS)

Software The Plus Addons for Elementor Page Builder Lite Type Plugin Vulnerable versions = 5.6.1 Fixed in 5.6.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4482 Patch priority Low CVSS severity Low 6.5 Developer POSIMYTH Innovations PSID...

CVE-2023-4482

The Auto Amazon Links plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the style parameter in versions up to, and including, 5.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor access to inject...

CVE-2023-4482 Auto Amazon Links <= 5.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via style

The Auto Amazon Links plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the style parameter in versions up to, and including, 5.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor access to inject...

CVE-2023-4482

The CVE-2023-4482 entry concerns the Auto Amazon Links plugin for WordPress. It is vulnerable to Stored Cross-Site Scripting via the style parameter due to insufficient input sanitization and output escaping in versions up to and including 5.3.1. Exploitation requires authenticated access with co...

WordPress Auto Amazon Links Plugin <= 5.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Auto Amazon Links Type Plugin Vulnerable versions = 5.3.1 Fixed in 5.3.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4482 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0c8ec5425b66 Credits Marco Wotschka Require...

SUSE CVE-2006-4482

Multiple heap-based buffer overflows in the 1 strrepeat and 2 wordwrap functions in ext/standard/string.c in PHP before 5.1.5, when used on a 64-bit system, have unspecified impact and attack vectors, a different vulnerability than CVE-2006-1990...

CVE-2022-4482

creationtimestamp| type| source ---|---|--- 2023-01-16 18:24:02+00:00| seen| https://t.me/cibsecurity/56534 2025-04-04 18:36:28+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10529...

CVE-2022-4482

The Carousel, Slider, Gallery by WP Carousel WordPress plugin before 2.5.3 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be...

CVE-2022-4482 Carousel, Slider, Gallery by WP Carousel < 2.5.3 - Contributor+ Stored XSS

The Carousel, Slider, Gallery by WP Carousel WordPress plugin before 2.5.3 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be...

CVE-2022-4482

The CVE-2022-4482 entry covers the WP Carousel (Carousel, Slider, Gallery) WordPress plugin before version 2.5.3. The vulnerability is a Stored XSS caused by insufficient validation and escaping of shortcode attributes, enabling a low-privilege user (contributor) to inject scripts that could affe...

SUSE: Security Advisory (SUSE-SU-2022:4482-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...