Joomla! Image Browser 0.1.5 rc2 - Local File Inclusion

Joomla! Image Browser 0.1.5 rc2 is susceptible to local file inclusion via comimagebrowser which could allow remote attackers to include and execute arbitrary local files via a .. dot dot in the folder parameter to index.php. id: CVE-2008-4668 info: name: Joomla! Image Browser 0.1.5 rc2 - Local...

MINI-Q5RW-4668-WM6X

Bulletin has no description...

MINI-RHC4-75C5-4668

Bulletin has no description...

CVE-2026-4668

creationtimestamp| type| source ---|---|--- 2026-04-01 02:19:28+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mifmvdvqfb2s 2026-04-01 19:45:06+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mihhd2kr7a2k...

PT-2025-21639 · Undefined · Undefined

CVE-2025-4668 - Apache HTTP Server Deserialization Vulnerability CVE ID : CVE-2025-4668 Published : May 13, 2025, 9:16 p.m. | 2 hours, 7 minutes ago Description : Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and...

CGA-VGW7-W4PV-4668

Bulletin has no description...

CVE-2024-4668

CVE-2024-4668 (Gum Elementor Addon, WordPress) : The WordPress Gum Elementor Addon is affected by a stored cross-site scripting (XSS) flaw in the Price Table and Post Slider widgets for all versions up to and including 1.3.4, caused by insufficient input sanitization and output escaping of user-s...

CVE-2024-4668 Gum Elementor Addon <= 1.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Price Table and Post Slider Widgets

The Gum Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Price Table and Post Slider widgets in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-4668 Gum Elementor Addon <= 1.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Price Table and Post Slider Widgets

The Gum Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Price Table and Post Slider widgets in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

WordPress Gum Elementor Addon Plugin <= 1.3.4 is vulnerable to Cross Site Scripting (XSS)

Software Gum Elementor Addon Type Plugin Vulnerable versions = 1.3.4 Fixed in 1.3.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4668 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 5ff0c810f441 Credits stealthcopter Requir...

CVE-2023-4668 Ad Inserter <= 2.7.30 - Unauthenticated Sensitive Information Exposure via ai-debug-processing-fe

The Ad Inserter for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.30 via the ai-debug-processing-fe URL parameter. This can allow unauthenticated attackers to extract sensitive data including installed plugins present and active, active theme,...

CVE-2023-4668

The WordPress Ad Inserter plugin (

CVE-2023-4668 Ad Inserter <= 2.7.30 - Unauthenticated Sensitive Information Exposure via ai-debug-processing-fe

The Ad Inserter for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.30 via the ai-debug-processing-fe URL parameter. This can allow unauthenticated attackers to extract sensitive data including installed plugins present and active, active theme,...

WordPress Ad Inserter Plugin <= 2.7.30 is vulnerable to Sensitive Data Exposure

Software Ad Inserter Type Plugin Vulnerable versions = 2.7.30 Fixed in 2.7.31 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-4668 Patch priority Low CVSS severity Low 5.3 Developer Igor Funa PSID c1880bc4c6b9 Credits Marco Wotschka Required privilege...

SUSE CVE-2012-4668

Cross-site scripting XSS vulnerability in Roundcube Webmail 0.8.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the signature in an email...

CVE-2022-4668 Easy Appointments < 3.11.2 - Contributor+ Stored XSS in Shortcode

The Easy Appointments WordPress plugin before 3.11.2 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

CVE-2022-4668 Easy Appointments < 3.11.2 - Contributor+ Stored XSS in Shortcode

The Easy Appointments WordPress plugin before 3.11.2 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

CVE-2022-4668

CVE-2022-4668 affects the Easy Appointments WordPress plugin (versions before 3.11.2). The issue is that shortcode attributes are not validated/escaped before output, enabling Stored Cross‑Site Scripting by users with as little as a contributor against high‑privilege users (e.g., admins). A PoC e...

CVE-2020-4668

creationtimestamp| type| source ---|---|--- 2022-04-08 21:55:47+00:00| seen| https://t.me/cibsecurity/40394...

CVE-2020-4668

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.3, and 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 18628...