847 matches found
PT-2026-26632
A buffer overflow vulnerability has been reported to affect Media Streaming Add-On. The remote attackers can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Media Streaming Add-on 500.1.1 and later...
Multiple vulnerabilities exist in the Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP add-on GNU/Linux subsystem.
The SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP is the central processing unit CPU of the Siemens S7-1500 series for high-performance, communication-demanding and complex automation tasks. Multiple vulnerabilities exist in the Siemens SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP add-on GNU/Linux subsystem,...
CVE-2026-2899
The Fluent Forms Pro Add On Pack plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 6.1.17. This is due to the deleteFile method in the Uploader class lacking nonce verification and capability checks. The AJAX action is registered via...
WordPress Fluent Forms Pro Add On Pack plugin <= 6.1.17 - Missing Authorization to Unauthenticated Arbitrary Attachment Deletion vulnerability
Missing Authorization to Unauthenticated Arbitrary Attachment Deletion vulnerability discovered by Prickly Cactus in WordPress Plugin Fluent Forms Pro Add On Pack versions = 6.1.17...
EUVD-2026-9526
The Fluent Forms Pro Add On Pack plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 6.1.17. This is due to the deleteFile method in the Uploader class lacking nonce verification and capability checks. The AJAX action is registered via...
WordPress Fluent Forms Pro Add On Pack plugin <= 6.1.17 - Missing Authorization to Unauthenticated Payment Status modification vulnerability
Missing Authorization to Unauthenticated Payment Status modification vulnerability discovered by Prickly Cactus in WordPress Plugin Fluent Forms Pro Add On Pack versions = 6.1.17...
CVE-2026-2428
The CVE concerns the Fluent Forms Pro Add On Pack for WordPress, vulnerable in all versions up to 6.1.17 due to disabled PayPal IPN verification (disable_ipn_verification defaults to 'yes' in PayPalSettings.php). This enables unauthenticated attackers to send forged PayPal IPN notifications to th...
CVE-2025-68534
Missing Authorization vulnerability in add-ons.org PDF for WPForms pdf-for-wpforms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PDF for WPForms: from n/a through = 6.3.0...
CVE-2025-68534
Missing Authorization vulnerability in add-ons.org PDF for WPForms pdf-for-wpforms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PDF for WPForms: from n/a through = 6.3.0...
PT-2026-21091
Name of the Vulnerable Software and Affected Versions PDF for WPForms versions through 6.3.0 Description A missing authorization issue exists in PDF for WPForms, allowing exploitation due to incorrectly configured access control security levels. The issue is present in add-ons.org PDF for WPForms...
CVE-2024-56807
An out-of-bounds read vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: Media Streaming add-on 500.1.1.6...
CVE-2024-56807
An out-of-bounds read vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: Media Streaming add-on 500.1.1.6...
CVE-2024-56808
A command injection vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access who have also gained a user account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following...
CVE-2024-56807 Media Streaming add-on
An out-of-bounds read vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: Media Streaming add-on 500.1.1.6...
CVE-2024-56808 Media Streaming add-on
A command injection vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access who have also gained a user account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following...
CVE-2024-56808
A command injection vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access who have also gained a user account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following...
CVE-2024-56808 Media Streaming add-on
A command injection vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access who have also gained a user account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following...
CVE-2024-56808
CVE-2024-56808 affects Media Streaming add-on. A command injection vulnerability exists that can be exploited by an attacker with local network access and a valid user account to execute arbitrary commands. The issue is mitigated by upgrading to Media Streaming add-on version 500.1.1.6 (released ...
QNAP Systems Media Streaming add-on 操作系统命令注入漏洞
The QNAP Systems Media Streaming add-on is a multimedia enhancement plugin developed by QNAP Systems, a company from Taiwan, China. The QNAP Systems Media Streaming add-on has a vulnerability related to operating system command injection. This vulnerability stems from command injections, which ma...
PT-2026-7529
Name of the Vulnerable Software and Affected Versions Media Streaming add-on versions prior to 500.1.1.6 Description An out-of-bounds read issue exists in Media Streaming add-on. An attacker with local network access can exploit this to obtain secret data. Recommendations Update to Media Streamin...