6 matches found
EUVD-2026-15837
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Image Slider by Ays ays-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Slider by Ays: from n/a through = 2.7.1...
PT-2026-1275
Name of the Vulnerable Software and Affected Versions Xinhu Rainrock RockOA versions up to 2.7.1 Description A security issue exists in Xinhu Rainrock RockOA. The issue involves cross site scripting, potentially allowing remote attacks. The issue is related to the manipulation of the callback...
CVE-2025-58653
CVE-2025-58653 affects the WordPress plugin JSM file_get_contents Shortcode (JSM file_get_contents() Shortcode). Description indicates improper input neutralization leading to a Stored XSS within the shortcode, with affected versions from unknown earlier than or equal to 2.7.1. Connected document...
PT-2024-35688 · WordPress · Login/Signup Popup
Name of the Vulnerable Software and Affected Versions: Login/Signup Popup Inline Form + Woocommerce plugin for WordPress versions 2.7.1 through 2.7.2 Description: The issue is related to a missing capability check on the import settings function, allowing authenticated attackers with...
PT-2024-11742 · WordPress · Js Help Desk – Best Help Desk & Support Plugin
Name of the Vulnerable Software and Affected Versions: JS Help Desk – Best Help Desk & Support Plugin versions n/a through 2.7.1 Description: The issue is related to an Unrestricted Upload of File with Dangerous Type, which affects the JS Help Desk – Best Help Desk & Support Plugin...
CVE-2022-23565
Tensorflow is an Open Source Machine Learning Framework. An attacker can trigger denial of service via assertion failure by altering a SavedModel on disk such that AttrDefs of some operation are duplicated. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on...