4 matches found
CVE-2026-2719
The Private WP suite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Exceptions' setting in all versions up to, and including, 0.4.1. This is due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
2vyper (=0.3.0), ape-dasy (=0.1.0) +30 more potentially affected by CVE-2023-40015 via vyper (>=0.1.0b12 <=0.4.1)
vyper PYPI version =0.1.0b12, =0.7.1, =0.1.0, =0.0.0, =0.0.0, =0.0.5, =0.1.0, =0.1.0, =0.7.2, =0.1.10.0, =1.0.1, =0.1.0, =1.4.0, =1.21.0 and more Source cves: CVE-2023-40015 Source advisory: OSV:GHSA-G2XH-C426-V8MF...
@550w-tools/cli (>=0.0.14 <=0.0.16), @550w-tools/core (>=0.0.14 <=0.0.16) +538 more potentially affected by CVE-2022-25904 via safe-eval (>=0.2.0 <=0.4.1)
safe-eval NPM version =0.2.0, =0.0.14, =0.0.14, =0.0.13, =0.0.14, =0.0.15, =1.0.1, =1.0.2, =1.0.3, =1.1.2, =0.1.16, =1.0.0, =0.3.0, =0.20.0, =2.0.295, =2.0.315 and more Source cves: CVE-2022-25904 Source advisory: SNYK:JS-SAFEEVAL-3175701...
PT-2006-5736 · Allmyguests · Allmyguests
Name of the Vulnerable Software and Affected Versions: AllMyGuests versions 0.4.1 and earlier Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the AMGconfigcfg serverpath parameter in 1 modules/AllMyGuests/signin.php and 2 AllMyGuests/signin.php...