CVE-2026-38669

CVE-2026-38669 affects wCMS v1.4 and is described as a Cross Site Scripting (XSS) vulnerability when creating a new blog. The connected sources confirm the product/version and the XSS impact, with a CVSS v3.1 base score of 6.1 (Medium) and user interaction required. The documents do not provide r...

WCMS 跨站脚本漏洞

WCMS is a content management system CMS developed by Vedegis for individual users. Version wCMS v.1.4 has a cross-site scripting vulnerability, which stems from cross-site scripting attacks when creating new blogs...

EUVD-2026-27001

wCMS v.1.4 is vulnerable to Cross Site Scripting XSS when creating a new blog...

CVE-2026-38669

wCMS v.1.4 is vulnerable to Cross Site Scripting XSS when creating a new blog...

CVE-2026-38669

wCMS v.1.4 is vulnerable to Cross Site Scripting XSS when creating a new blog...

PT-2026-36832

wCMS v.1.4 is vulnerable to Cross Site Scripting XSS when creating a new blog...

CVE-2026-5077

The CVE-2026-5077 entry affects the WordPress Total theme. Vulnerable component: rendering of the_title() inside HTML attribute context in the Home Page blog section template. Root cause: insufficient output escaping in post titles, allowing Stored XSS. Impact: authenticated attackers with contri...

CVE-2026-5077

The Total theme for WordPress is vulnerable to Stored Cross-Site Scripting via post titles in versions up to, and including, 2.2.1 due to insufficient output escaping when rendering thetitle inside HTML attribute context in the home blog section template. This makes it possible for authenticated...

CVE-2026-5077 Total <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Title in Blog Section Image alt Attribute

The Total theme for WordPress is vulnerable to Stored Cross-Site Scripting via post titles in versions up to, and including, 2.2.1 due to insufficient output escaping when rendering thetitle inside HTML attribute context in the home blog section template. This makes it possible for authenticated...

WordPress Blog Designer Pack – Blog, Post Grid, Post Slider, Post Carousel, Category Post, News plugin <= 3.4.9 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin News & Blog Designer Pack versions = 3.4.9...

Best Diagram Software in 2026, Why EdrawMax Works for Everyday Use

Compare top diagram software in 2026 and see why Wondershare EdrawMax can be a practical choice for fast, template rich, AI supported diagramming...

CVE-2026-41404

creationtimestamp| type| source ---|---|--- 2026-04-30 19:07:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mkqcptrocq2s...

CVE-2026-42422

creationtimestamp| type| source ---|---|--- 2026-04-30 15:37:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mkpwydlfkj2r...

Beyond the Ledger: Why Akamai Is Redefining How We Measure CLIMATE Impact

...

CVE-2026-7053

creationtimestamp| type| source ---|---|--- 2026-04-29 23:37:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mkobdpzwku2v...

CVE-2026-7057

creationtimestamp| type| source ---|---|--- 2026-04-29 23:07:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mko7o3hsyn2o...

8 best practices for CISOs conducting risk reviews

The Deputy CISO blog series is where Microsoft Deputy Chief Information Security Officers CISOs share their thoughts on what is most important in their respective domains. In this series, you will get practical advice, tactics to start and stop deploying, forward-looking commentary on where the...

Brinker Introduces a Novel Approach to Deepfake Detection

WILMINGTON, Delaware, 29th April 2026, CyberNewswire...

Medieval Encrypted Letter Decoded

Sent by a Spanish diplomat. Apparently people have been working on it since it was rediscovered in 1860...

Winning the Ransomware Race: The New Segmentation Partner Playbook

...