MINI-RG98-4963-QQ59

Bulletin has no description...

CVE-2026-4963

creationtimestamp| type| source ---|---|--- 2026-03-27 19:49:34+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mi2vah6qgp2j...

a2a-smol-adapter (=0.1.0), agent-lifecycle-toolkit (>=0.2.1 <=0.10.1) +100 more potentially affected by CVE-2026-4963 via smolagents (>=0.1.3 <=1.24.0)

smolagents PYPI version =0.1.3, =0.2.1, =0.1.0, =0.1.5, =0.1.6, =0.0.1, =0.3.4, =1.0.0, =1.0.1 and more Source cves: CVE-2026-4963 Source advisory: OSV:GHSA-54FQ-V6X8-244G...

CVE-2025-4963

The WP Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 3.0.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, t...

CVE-2025-4963

creationtimestamp| type| source ---|---|--- 2025-05-28 09:56:03+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lq7wrdjug642 2025-05-28 13:32:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lqacul3lcj2q...

CVE-2025-4963 WP Extended <= 3.0.15 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload

The WP Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 3.0.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, t...

CVE-2025-4963 WP Extended <= 3.0.15 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload

The WP Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 3.0.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, t...

WordPress WP Extended plugin <= 3.0.15 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload vulnerability

Authenticated Author+ Stored Cross-Site Scripting via SVG File Upload vulnerability discovered by rajanhoyr in WordPress Plugin The Ultimate WordPress Toolkit – WP Extended versions = 3.0.15...

CVE-2022-4963

creationtimestamp| type| source ---|---|--- 2025-03-06 02:16:33+00:00| seen| Telegram/We9bwyugaRcV2-8b48q5DCMikNBT5SBCcFgNfXBk10IYZPKM...

Linux Distros Unpatched Vulnerability : CVE-2016-4963

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The libxl device-handling in Xen through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service management tool confusi...

Adobe Reader < 2015.006.30418 / 2017.011.30080 / 2018.011.20040 Multiple Vulnerabilities (APSB18-09) (macOS)

The version of Adobe Reader installed on the remote macOS host is a version prior to 2015.006.30418, 2017.011.30080, or 2018.011.20040. It is, therefore, affected by multiple vulnerabilities. - Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and...

CVE-2024-4963

The CVE-2024-4963 entry concerns D-Link DAR-7000-40, version V31R02B1413C, where the /url/url.php component is vulnerable. The issue arises from manipulating the file_upload argument, enabling unrestricted remote upload. Exploitation is possible remotely and has been publicly disclosed. All sourc...

CVE-2022-4963

CVE-2022-4963 affects Folio Spring Module Core up to version 1.1.5. The vulnerability is a SQL injection in the dropSchema function of HibernateSchemaService.java (Schema Name Handler). Root cause: improper handling in dropSchema leads to injection risk. Upgrading to version 2.0.0 addresses the i...

CVE-2023-4963

The WS Facebook Like Box Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'ws-facebook-likebox' shortcode in versions up to, and including, 5.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2023-4963

The CVE 2023-4963 entry covers the WS Facebook Like Box Widget for WordPress. A Stored XSS exists in the ws-facebook-likebox shortcode for versions up to and including 5.0 due to insufficient input sanitization and output escaping on user-supplied attributes. This allows authenticated attackers w...

CVE-2023-4963 WS Facebook Like Box Widget <= 5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The WS Facebook Like Box Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'ws-facebook-likebox' shortcode in versions up to, and including, 5.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2023-4963 WS Facebook Like Box Widget <= 5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The WS Facebook Like Box Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'ws-facebook-likebox' shortcode in versions up to, and including, 5.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

WordPress WS Facebook Like Box Widget Plugin <= 5.0 is vulnerable to Cross Site Scripting (XSS)

Software WS Facebook Like Box Widget Type Plugin Vulnerable versions = 5.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4963 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 253f2e5e6627 Credits Lana Codes...

Mageia: Security Advisory (MGASA-2017-0012)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:2100-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...