CVE-2025-67996

Deserialization of Untrusted Data vulnerability in BoldThemes Nestin nestin allows Object Injection.This issue affects Nestin: from n/a through 1.2.6...

CVE-2025-67996

Deserialization of Untrusted Data vulnerability in BoldThemes Nestin nestin allows Object Injection.This issue affects Nestin: from n/a through 1.2.6...

CVE-2025-67996

CVE-2025-67996 : WordPress Nestin theme < 1.2.6 suffers a Deserialization of Untrusted Data vulnerability leading to PHP Object Injection. Red Hat and NVD entries corroborate the issue, referring to Nestin’s affected range as “Nestin: from n/a through

CVE-2025-67996 WordPress Nestin theme < 1.2.6 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in BoldThemes Nestin nestin allows Object Injection.This issue affects Nestin: from n/a through 1.2.6...

CVE-2025-67996 WordPress Nestin theme < 1.2.6 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in BoldThemes Nestin nestin allows Object Injection.This issue affects Nestin: from n/a through 1.2.6...

WordPress plugin Nestin 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

WordPress Nestin theme < 1.2.6 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Nestin versions 1.2.6...

MoneyPrinterTurbo 代码问题漏洞

MoneyPrinterTurbo is a software by Harry's personal developer that generates short HD videos using AI macromodels. A code issue vulnerability exists in MoneyPrinterTurbo 1.2.6 and earlier versions, which stems from an arbitrary file upload due to incorrect manipulation of File, a parameter of the...

Envoy Gateway 安全漏洞

Envoy Gateway is an Envoy Proxy open source that uses Envoy agents as gateways for standalone or Kubernetes-based applications. A security vulnerability exists in Envoy Gateway versions prior to 1.2.6, which stems from the presence of a path traversal vulnerability that allows a user to execute...

WordPress Sominx theme < 1.2.6 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by justakazh Patchstack Alliance in WordPress Theme Sominx - Creative Business Agency WordPress Theme versions 1.2.6...

PT-2024-8657 · Velocity +2 · Velocity +2

Name of the Vulnerable Software and Affected Versions: Butterfly framework versions prior to 1.2.6 Description: The Butterfly framework has a weakness related to incorrect restriction of the path name to a directory with limited access. This can be exploited by an attacker with network access to...

CVE-2024-1287

The pmpro-member-directory WordPress plugin before 1.2.6 does not prevent users with at least the contributor role from leaking other users' sensitive information, including password hashes via an SQLi vector...

WordPress plugin pmpro-member-directory 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability in...

WordPress UsersWP plugin < 1.2.6 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Brandon Roldan Patchstack Alliance in WordPress Plugin UsersWP versions 1.2.6...

PT-2024-24121 · Yubico +1 · Yubico Ykman-Gui +2

Name of the Vulnerable Software and Affected Versions: Yubico ykman-gui aka YubiKey Manager GUI versions prior to 1.2.6 Description: A privilege escalation issue exists because browser windows can open as Administrator when Edge is not used on Windows systems. This could allow for unexpected...

TinyDir Security Vulnerability

TinyDir is lightweight, portable and easy to integrate C directory and file reader. A security vulnerability exists in TinyDir versions prior to 1.2.6 that stems from the presence of a buffer overflow vulnerability...

PT-2023-7930 · Tinydir +1 · Tinydir +1

Name of the Vulnerable Software and Affected Versions: TinyDir versions prior to 1.2.6 Description: The issue is related to buffer overflows in the tinydir file open function, which can be exploited by a remote attacker to execute arbitrary code. TinyDir is a lightweight C directory and file...

SUSE CVE-2014-3756

The client in Mumble 1.2.x before 1.2.6 allows remote attackers to force the loading of an external file and cause a denial of service hang and resource consumption via a crafted string that is treated as rich-text by a Qt widget, as demonstrated by the 1 user or 2 channel name in a Qt dialog, 3...

WordPress和WordPress plugin SQL注入漏洞

WordPress is a blogging platform developed by the Wordpress Foundation using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers.A SQL injection vulnerability exists in versions prior to WordPress Ad Invalid Click Protector AICP plugin 1.2.6, which stems from ...

PYSEC-2021-870

Incomplete string comparison vulnerability exits in cvxopt.org cvxop = 1.2.6 in APIs cvxopt.cholmod.diag, cvxopt.cholmod.getfactor, cvxopt.cholmod.solve, cvxopt.cholmod.spsolve, which allows attackers to conduct Denial of Service attacks by construct fake Capsule objects...