CVE-2026-42679 WordPress Classified Listing plugin <= 5.3.8 - Arbitrary File Download vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Mamunur Rashid Classified Listing allows Path Traversal. This issue affects Classified Listing: from n/a through 5.3.8...

WordPress Plugin “Classified Listing” Path Traversal Vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

Linux Distros Unpatched Vulnerability : CVE-2026-27942

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. Prior to versio...

fast-xml-parser has stack overflow in XMLBuilder with preserveOrder

Impact Application crashes with stack overflow when user use XML builder with prserveOrder:true for following or similar input 'foo': 'bar': '@V': 'baz' Cause: arrToStr was not validating if the input is an array or a string and treating all non-array values as text content. What kind of...

CVE-2026-27942 fast-xml-parser has stack overflow in XMLBuilder with preserveOrder

fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. Prior to version 5.3.8, the application crashes with stack overflow when user use XML builder with preserveOrder:true. Version 5.3.8 fixes the issue. As...

CVE-2026-27942

fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. Prior to version 5.3.8, the application crashes with stack overflow when user use XML builder with preserveOrder:true. Version 5.3.8 fixes the issue. As...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003968)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003968 advisory. Memory leaks in clocksourcecreate functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service memory...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001657)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001657 advisory. Memory leaks in clocksourcecreate functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service memory...

CVE-2022-0178

Missing Authorization vulnerability in snipe snipe/snipe-it.This issue affects snipe/snipe-i before 5.3.8...

EUVD-2022-0740

Malicious code in bioql PyPI...

EUVD-2024-31294

Malicious code in bioql PyPI...

EUVD-2024-31293

Malicious code in bioql PyPI...

WordPress AutomatorWP plugin <= 5.3.7 - Authenticated (Subscriber+) Missing Authorization to Multiple Functions vulnerability

Authenticated Subscriber+ Missing Authorization to Multiple Functions vulnerability discovered by stealthcopter in WordPress Plugin AutomatorWP versions = 5.3.7...

CVE-2025-48292

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in GoodLayers Tourmaster tourmaster allows PHP Local File Inclusion.This issue affects Tourmaster: from n/a through = 5.3.8...

CVE-2025-47537

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in add-ons.org PDF Invoice Builder for WooCommerce pdf-for-woocommerce allows SQL Injection.This issue affects PDF Invoice Builder for WooCommerce: from n/a through = 5.3.8...

CVE-2025-47537

CVE-2025-47537 describes an SQL Injection vulnerability in the WordPress plugin set PDF Invoices for WooCommerce + Drag and Drop Template Builder. The issue arises from improper neutralization of special elements in SQL commands, affecting versions up to and including 5.3.8. Connected sources (PT...

CVE-2025-26888 WordPress WooCommerce Multilingual & Multicurrency plugin <= 5.3.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Amir Helzer WooCommerce Multilingual & Multicurrency woocommerce-multilingual allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Multilingual & Multicurrency: from n/a through = 5.3.8...

WordPress WooCommerce Multilingual & Multicurrency plugin <= 5.3.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin WooCommerce Multilingual & Multicurrency versions = 5.3.8...

WordPress plugin WooCommerce Multilingual & Multicurrency 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-33552

Improper Privilege Management vulnerability in 8theme XStore Core allows Privilege Escalation.This issue affects XStore Core: from n/a through 5.3.8...