CVE-2026-7665

The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 6.6.4 via the ajaxloadmore function due to insufficient restrictions on which posts can be included. This makes it possible f...

PT-2026-47130

The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 6.6.4 via the ajax load more function due to insufficient restrictions on which posts can be included. This makes it possible...

[SECURITY] Fedora 44 Update: kwrited-6.6.4-1.fc44

KDE Write Daemon...

[SECURITY] Fedora 44 Update: oxygen-sounds-6.6.4-1.fc44

The Oxygen Sound Theme...

[SECURITY] Fedora 44 Update: ocean-sound-theme-6.6.4-1.fc44

Ocean Sound Theme for Plasma...

[SECURITY] Fedora 44 Update: bluedevil-6.6.4-1.fc44

BlueDevil is the bluetooth stack for KDE...

EUVD-2013-4875

Malware in sbrugna...

EUVD-2013-4874

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2020-8793

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenSMTPD before 6.6.4 allows local users to read arbitrary files e.g., on some Linux distributions because of a combination of an untrusted search path in...

WordPress plugin Events Calendar 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exis...

PT-2025-3359 · Tencent · Qqmail

Name of the Vulnerable Software and Affected Versions: QQMail version 6.6.4 Description: An issue in QQMail iOS allows attackers to access sensitive user information via supplying a crafted link. Recommendations: For version 6.6.4, update to a newer version that contains a fix for this issue. At...

CVE-2024-8275

The The Events Calendar plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter of the 'tribehasnextevent' function in all versions up to, and including, 6.6.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...

WordPress plugin The Events Calendar SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerability...

CVE-2021-38323 RentPress <= 6.6.4 Reflected Cross-Site Scripting

The RentPress WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the selections parameter found in the /src/rentPress/AjaxRequests.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 6.6.4...

CVE-2021-38323 RentPress <= 6.6.4 Reflected Cross-Site Scripting

The RentPress WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the selections parameter found in the /src/rentPress/AjaxRequests.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 6.6.4...

RentPress <= 6.6.4 - Reflected Cross-Site Scripting

The plugin is vulnerable to Reflected Cross-Site Scripting via the selections parameter found in the /src/rentPress/AjaxRequests.php file which allows attackers to inject arbitrary web scripts...

Information disclosure

In HMS Ewon eCatcher through 6.6.4, weak filesystem permissions could allow malicious users to access files that could lead to sensitive information disclosure, modification of configuration files, or disruption of normal system operation...

GNU GLOBAL: Arbitrary code execution

Background GNU GLOBAL is a source code tagging system that works the same way across diverse environments, such as Emacs editor, Vi editor, Less viewer, Bash shell, various web browsers, etc. Description A vulnerability was found in an undocumented function of gozilla. Impact A remote attacker...

CVE-2020-8794

OpenSMTPD before 6.6.4 allows remote code execution because of an out-of-bounds read in mtaio in mtasession.c for multi-line replies. Although this vulnerability affects the client side of OpenSMTPD, it is possible to attack a server because the server code launches the client code during bounce...

There is a XML external entity expansion (XXE) vulnerability in Apache Solr config files

This vulnerability in Apache Solr 6.0.0 to 6.6.3, 7.0.0 to 7.3.0 relates to an XML external entity expansion XXE in Solr config files solrconfig.xml, schema.xml, managed-schema. In addition, Xinclude functionality provided in these config files is also affected in a similar way. The vulnerability...