9 matches found
CVE-2025-69382
Deserialization of Untrusted Data vulnerability in themesflat Themesflat Elementor themesflat-elementor allows Object Injection.This issue affects Themesflat Elementor: from n/a through = 1.0.1...
PT-2025-33462 · WordPress · Add User Meta
Name of the Vulnerable Software and Affected Versions: Add User Meta plugin for WordPress versions up to and including 1.0.1 Description: The Add User Meta plugin for WordPress is susceptible to Cross-Site Request Forgery due to missing or incorrect nonce validation on the add-user-meta page. Thi...
PT-2024-35298 · Templines · Templines Tm Islamic Helper
Name of the Vulnerable Software and Affected Versions: Templines TM Islamic Helper versions 1.0.1 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for reflected Cross-site Scripting XSS. This enables malicious script...
PT-2024-35213 · Cmsminds · Cmsminds Boat Rental Plugin For Wordpress
Name of the Vulnerable Software and Affected Versions: cmsMinds Boat Rental Plugin for WordPress versions 1.0.1 and earlier Description: The issue allows malicious file uploads, posing a risk of web server compromise. This can enable an attacker to upload a web shell to a web server...
PT-2024-39597 · Wpzest · The Easy Menu Manager | Wpzest
Name of the Vulnerable Software and Affected Versions: The Easy Menu Manager | WPZest plugin for WordPress versions up to, and including, 1.0.1 Description: The issue is related to Stored Cross-Site Scripting via SVG File uploads due to insufficient input sanitization and output escaping. This...
PT-2024-19036 · Unknown · Atakan Au 1 Click Disable All
Name of the Vulnerable Software and Affected Versions: Atakan Au 1 click disable all versions 1.0.1 and earlier Description: A Cross-Site Request Forgery CSRF issue affects the software, allowing unauthorized actions to be performed. This issue can be exploited by tricking a user into performing ...
PT-2024-21391 · Fullstackhero · Webapi Boilerplate
Name of the Vulnerable Software and Affected Versions: FullStackHero's WebAPI Boilerplate versions 1.0.0 through 1.0.1 Description: A host header injection issue in the forgot password function allows attackers to leak the password reset token via a crafted request. Recommendations: For versions...
Osprey Pump Controller 1.0.1 Unauthenticated Reflected XSS
Summary Providing pumping systems and automated controls for golf courses and turf irrigation, municipal water and sewer, biogas, agricultural, and industrial markets. Osprey: door-mounted, irrigation and landscape pump controller. Technology hasn't changed dramatically on pump and electric motor...
125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4979 more potentially affected by CVE-2022-41887 via tensorflow (>=1.0.1 <=2.9.2)
tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.5.0, =0.1.6, =1.0.0, =2.0.0, =1.0.0, =0.0.1, =0.0.7 and more Source cves: CVE-2022-41887 Source advisory: OSV:GHSA-8FVV-46HW-VPG3...