45 matches found
CVE-2026-25378
CVE-2026-25378 affects the Nelio AB Testing WordPress plugin (
WordPress plugin Nelio AB Testing security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
MongoDB 8.0.x < 8.0.18 / 8.2.x < 8.2.4 Out-Of-Memory (SERVER-114126)
The version of MongoDB installed on the remote host is 8.0 prior to 8.0.18 and 8.2 prior to 8.2.4. It is, therefore, affected by a vulnerability as referenced in the SERVER-114126 advisory. Complex queries can cause excessive memory usage in MongoDB Query Planner resulting in an Out-Of-Memory...
CVE-2026-25597
PrestaShop is an open source e-commerce web application. Prior to 8.2.4 and 9.0.3, there is a time-based user enumeration vulnerability in the user authentication functionality of PrestaShop. This vulnerability allows an attacker to determine whether a customer account exists in the system by...
CVE-2026-25597
Summary (CVE-2026-25597): PrestaShop prior to 8.2.4 and 9.0.3 exposes a time-based user enumeration vulnerability in the login/authentication flow, allowing an attacker to deduce whether a customer account exists by measuring response times. The issue is fixed in versions 8.2.4 and 9.0.3. Impact ...
CVE-2026-25597 PrestaShop has a time based enumeration in FO login form
PrestaShop is an open source e-commerce web application. Prior to 8.2.4 and 9.0.3, there is a time-based user enumeration vulnerability in the user authentication functionality of PrestaShop. This vulnerability allows an attacker to determine whether a customer account exists in the system by...
PT-2026-6549
Name of the Vulnerable Software and Affected Versions: PrestaShop versions prior to 8.2.4; PrestaShop versions prior to 9.0.3. Description: PrestaShop contains a time-based user enumeration issue in its user authentication functionality. An attacker can determine if a customer account exists by...
Ergon Informatik AG Airlock IAM security vulnerability
Ergon Informatik AG Airlock IAM is a secure access management system from Ergon Informatik AG, Switzerland. A security vulnerability exists in Ergon Informatik AG Airlock IAM, which stems from a difference in password reset time and could lead to username enumeration. The following versions are...
CVE-2021-20099
Nessus Agent 8.2.4 and earlier for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an authenticated, local administrator to run specific Windows executables as the Nessus host. This is different than CVE-2021-20100...
SUSE-SU-2025:20011-1 Security update for qemu
This update for qemu fixes the following issues: Update to version 8.2.5: target/loongarch: fix a wrong print in cpu dump; ui/sdl2: Allow host to power down screen; target/i386: fix SSE and SSE2 feature check; target/i386: fix xsave.flat from kvm-unit-tests; disas/riscv: Decode all of the pmpcfg an...
CVE-2024-12280
The WP Customer Area WordPress plugin through 8.2.4 does not have a CSRF check in place when deleting its logs, which could allow attackers to make a logged-in user delete them via a CSRF attack...
CVE-2024-12436
Technical details beyond the Description are not provided in the supplied documents; monitor for updates on CVE-2024-12436 related to WP Customer Area CSRF vulnerability.
WordPress plugin WP Customer Area security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
WordPress Media Library Folders Plugin <= 8.2.3 is vulnerable to Broken Access Control
Software: Media Library Folders; Type: Plugin; Vulnerable versions: <= 8.2.3; Fixed in: 8.2.4; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-7858; Patch priority: Medium; CVSS severity: Medium 6.3; PSID: e34ed26523d9; Credits: Lucio Sá; Required...
CVE-2024-6450
CVE-2024-6450 affects HyperView Geoportal Toolkit
CVE-2024-0338
A buffer overflow vulnerability has been found in XAMPP affecting version 8.2.4 and earlier. An attacker could execute arbitrary code through a long file debug argument that controls the Structured Exception Handler (SEH)...
CVE-2024-0338 Buffer Overflow Vulnerability in XAMPP
A buffer overflow vulnerability has been found in XAMPP affecting version 8.2.4 and earlier. An attacker could execute arbitrary code through a long file debug argument that controls the Structured Exception Handler (SEH)...
XAMPP Buffer Error Vulnerability
XAMPP is an easy-to-install Apache distribution that includes MariaDB, PHP, and Perl. The product is primarily used to build web servers. A buffer error vulnerability exists in XAMPP 8.2.4 and earlier versions. An attacker can execute arbitrary code via a long file debug parameter that controls a...