EUVD-2026-34793

Improper Authentication, Missing authentication for critical function, Weak Authentication vulnerability in DTS Electronics Industry and Trade Ltd. Co. Redline WR3200 allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Redline WR3200: from 7.1.3 before 7.1.8...

CVE-2023-50167

Pega Platform from 7.1.7 to 23.1.1 is affected by an XSS issue with editing/rendering user html content...

EUVD-2025-28052

Malicious code in bioql PyPI...

EUVD-2022-2163

Malicious code in bioql PyPI...

CVE-2025-59940

mkdocs-include-markdown-plugin is an Mkdocs Markdown includer plugin. In versions 7.1.7 and below, there is a vulnerability where unvalidated input can collide with substitution placeholders. This issue is fixed in version 7.1.8...

CVE-2025-59940 mkdocs-include-markdown-plugin susceptible to unvalidated input colliding with substitution placeholders

mkdocs-include-markdown-plugin is an Mkdocs Markdown includer plugin. In versions 7.1.7 and below, there is a vulnerability where unvalidated input can collide with substitution placeholders. This issue is fixed in version 7.1.8...

CVE-2025-59940

mkdocs-include-markdown-plugin (MkDocs) is affected in versions 7.1.7 and earlier due to unvalidated input colliding with substitution placeholders. The issue is resolved in version 7.1.8. Fedora advisories reference the same CVE-2025-59940 remediation. Impact details in the provided documents in...

Security Bulletin: Fixes to common vulnerabilities discovered in Cloudera Data Platform 7.1.7 SP2

Summary Fixes to common vulnerabilities discovered in Cloudera Data Platform 7.1.7 SP2 are available to download from Cloudera and IBM. Vulnerability Details CVEID:CVE-2017-7657 DESCRIPTION: Eclipse Jetty is vulnerable to HTTP request smuggling, caused by improper handling of Chunked...

WordPress Total processing card payments for WooCommerce plugin <= 7.1.6 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin Nomupay Payment Processing Gateway versions = 7.1.6...

CVE-2024-7422

CVE-2024-7422 (Theme My Login for WordPress) is a CSRF vulnerability in the Theme My Login plugin that affects multi-site WordPress installations. It arises from missing or incorrect nonce validation in the tml_admin_save_ms_settings() function, enabling an unauthenticated attacker to forge a req...

WordPress Theme My Login plugin <= 7.1.7 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by vgo0 in WordPress Plugin Theme My Login versions = 7.1.7...

WordPress Theme My Login Plugin <= 7.1.7 is vulnerable to Cross Site Request Forgery (CSRF)

Software Theme My Login Type Plugin Vulnerable versions = 7.1.7 Fixed in 7.1.8 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-7422 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 3496bb32e539 Credits vgo0 Required privile...

CVE-2024-1534

The Booster for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 7.1.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2023-50167

Pega Platform from 7.1.7 to 23.1.1 is affected by an XSS issue with editing/rendering user html content...

CVE-2023-50167

Pega Platform from 7.1.7 to 23.1.1 is affected by an XSS issue with editing/rendering user html content...

CVE-2023-50167

Pega Platform from 7.1.7 to 23.1.1 is affected by an XSS issue with editing/rendering user html content...

CVE-2023-50167

Pega Platform from 7.1.7 to 23.1.1 is affected by an XSS issue with editing/rendering user html content...

PT-2024-13874 · Pegasystems · Pega Platform

Name of the Vulnerable Software and Affected Versions: Pega Platform versions 7.1.7 through 23.1.1 Description: The issue is related to an XSS problem when editing or rendering user HTML content. Recommendations: For Pega Platform versions 7.1.7 through 23.1.1, update to a version that includes a...

Pegasystem PEGA Platform Cross-Site Scripting Vulnerability

Pegasystem PEGA Platform is a suite of application development platforms from the US-based Pegasystem. The platform is used to develop applications such as BPM Business Process Management, Case Management, Real-Time Decision Making and CRM Customer Relationship Management. A cross-site scripting...

CVE-2023-2907

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Marksoft allows SQL Injection.This issue affects Marksoft: through Mobile:v.7.1.7 ; Login:1.4 ; API:20230605...