848 matches found
PT-2026-7529
Name of the Vulnerable Software and Affected Versions Media Streaming add-on versions prior to 500.1.1.6 Description An out-of-bounds read issue exists in Media Streaming add-on. An attacker with local network access can exploit this to obtain secret data. Recommendations Update to Media Streamin...
CVE-2026-24985
Missing Authorization vulnerability in approveme WP Forms Signature Contract Add-On wp-forms-signature-contract-add-on allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Forms Signature Contract Add-On: from n/a through = 1.8.2...
CVE-2026-24985
Missing Authorization vulnerability in approveme WP Forms Signature Contract Add-On wp-forms-signature-contract-add-on allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Forms Signature Contract Add-On: from n/a through = 1.8.2...
EUVD-2026-5243
Missing Authorization vulnerability in approveme WP Forms Signature Contract Add-On wp-forms-signature-contract-add-on allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Forms Signature Contract Add-On: from n/a through = 1.8.2...
CVE-2026-24985 WordPress WP Forms Signature Contract Add-On plugin <= 1.8.2 - Broken Access Control to Notice Dismissal vulnerability
Missing Authorization vulnerability in approveme WP Forms Signature Contract Add-On wp-forms-signature-contract-add-on allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Forms Signature Contract Add-On: from n/a through = 1.8.2...
CVE-2026-24985
The CVE-2026-24985 entry describes a Missing Authorization/Broken Access Control vulnerability in the approveme WP Forms Signature Contract Add-On for WordPress, affecting versions up to and including 1.8.2. The issue stems from incorrectly configured access control security levels, enabling unau...
PT-2026-6233
Name of the Vulnerable Software and Affected Versions approveme WP Forms Signature Contract Add-On versions through 1.8.2 Description The WP Forms Signature Contract Add-On contains a flaw related to incorrectly configured access control security levels, potentially allowing unauthorized access...
MiracleLinux 4 : firefox-68.10.0-1.0.1.AXS4 (AXSA:2020-213:15)
The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-213:15 advisory. Mozilla: Information disclosure due to manipulated URL object CVE-2020-12418 Mozilla: Use-after-free in nsGlobalWindowInner CVE-2020-12419 Mozilla:...
CVE-2025-9427
The CVE-2025-9427 entry describes an XSS vulnerability in the Lemonsoft WordPress add-on, caused by improper neutralization of input during web page generation. Affected component: Lemonsoft WordPress add-on (version 2025.7.1). Impact is cross-site scripting with potential confidentiality, integr...
WordPress plugin WordPress add-on 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
CVE-2020-12320
Uncontrolled search path in IntelR SCS Add-on for Microsoft SCCM before version 2.1.10 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2022-26512
Uncontrolled search path element in the IntelR FPGA Add-on for IntelR oneAPI Base Toolkit before version 2022.2 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2025-23623
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mahesh Bisen Contact Form 7 – CCAvenue Add-on cf7-cc-avenue-add-on allows Reflected XSS.This issue affects Contact Form 7 – CCAvenue Add-on: from n/a through = 1.0...
CVE-2025-23655
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in crystalwebpro Contact Form 7 – Paystack Add-on cf7-paystack-add-on allows Reflected XSS.This issue affects Contact Form 7 – Paystack Add-on: from n/a through = 1.2.3...
CVE-2019-12739
lib/Controller/ExtractionController.php in the Extract add-on before 1.2.0 for Nextcloud allows Remote Code Execution via shell metacharacters in a RAR filename via ajax/extractRar.php nameOfFile and directory parameters...
REDAXO 安全漏洞
REDAXO is a content management system of REDAXO open source. A security vulnerability exists in REDAXO versions prior to 5.20.2, which stems from a path traversal in the file export function of the Backup add-on, which could cause a user with backup privileges to read arbitrary files in the webro...
CVE-2025-12067 Table Field Add-on for ACF and SCF <= 1.3.30 - Authenticated (Contributor+) Stored Cross-Site Scripting via Table Cell Content
The Table Field Add-on for ACF and SCF plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Table Cell Content in all versions up to, and including, 1.3.30 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
PT-2026-1419
Name of the Vulnerable Software and Affected Versions Table Field Add-on for ACF and SCF plugin for WordPress versions up to and including 1.3.30 Description The software is susceptible to Stored Cross-Site Scripting through the Table Cell Content due to inadequate input sanitization and output...
WordPress Table Field Add-on for ACF and SCF plugin <= 1.3.30 - Authenticated (Contributor+) Stored Cross-Site Scripting via Table Cell Content vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Table Cell Content vulnerability discovered by shark3y in WordPress Plugin Table Field Add-on for ACF and SCF versions = 1.3.30...
CVE-2025-62099
Missing Authorization vulnerability in approveme Signature Add-On for Gravity Forms gravity-signature-forms-add-on allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Signature Add-On for Gravity Forms: from n/a through = 1.8.6...