2673 matches found
Grok chats show up in Google searches
I’m starting to feel like a broken record, but I feel you should know that yet another AI has been found sharing private conversations so that Google was able to index them, and now they can be found in search results. It’s déjà vu in the world of AI: another day, another exposé about chatbot...
CVE-2025-8618 WPC Smart Quick View for WooCommerce <= 4.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via woosq_btn Shortcode
The WPC Smart Quick View for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's woosqbtn shortcode in all versions up to, and including, 4.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...
CVE-2025-8618 WPC Smart Quick View for WooCommerce <= 4.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via woosq_btn Shortcode
The WPC Smart Quick View for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's woosqbtn shortcode in all versions up to, and including, 4.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...
WordPress Plugin Button Block Cross-Site Request Forgery Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in WordPress plugin Button Block 1.2.0 and prior...
Linux Distros Unpatched Vulnerability : CVE-2019-20386
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in buttonopen in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur...
CVE-2025-7439
Anber Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the $anberitem'buttonlink''url'’ parameter in all versions up to, and including, 1.0.1 to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-7440
The Anber Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the $item'buttonlink''url' parameter in all versions up to, and including, 1.0.1 to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
RHEL 6 : tigervnc (RHSA-2025:13998)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:13998 advisory. Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine where it...
CVE-2025-54694
Cross-Site Request Forgery CSRF vulnerability in bPlugins Button Block button-block allows Cross Site Request Forgery.This issue affects Button Block: from n/a through = 1.2.0...
CVE-2025-7440
The Anber Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the $item'buttonlink''url' parameter in all versions up to, and including, 1.0.1 to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-7439
Anber Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the $anberitem'buttonlink''url'’ parameter in all versions up to, and including, 1.0.1 to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-7439 Anber Elementor Addon <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Banner button link
Anber Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the $anberitem'buttonlink''url'’ parameter in all versions up to, and including, 1.0.1 to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-7439
CVE-2025-7439 affects the WordPress plugin “Anber Elementor Addon.” It is vulnerable to a stored cross-site scripting (XSS) condition via the button_link["url"] parameter in versions up to and including 1.0.1. Exploitation requires at least Contributor-level access, and scripts execute when a use...
CVE-2025-7439 Anber Elementor Addon <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Banner button link
Anber Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the $anberitem'buttonlink''url'’ parameter in all versions up to, and including, 1.0.1 to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-7440 Anber Elementor Addon <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Carousel button link
The Anber Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the $item'buttonlink''url' parameter in all versions up to, and including, 1.0.1 to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-7440
CVE-2025-7440 affects the WordPress plugin Anber Elementor Addon , with a Stored Cross-Site Scripting vulnerability in the parameter $item['button_link']['url'] in all versions up to 1.0.1. Exploitation requires authenticated access at Contributor level or higher, and an injected page can execute...
PT-2025-33525 · WordPress · Anber Elementor Addon
Name of the Vulnerable Software and Affected Versions: Anber Elementor Addon versions prior to 1.0.2 Description: The Anber Elementor Addon plugin for WordPress is susceptible to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping. This allows authenticated...
PT-2025-33526 · WordPress · Anber Elementor Addon
Name of the Vulnerable Software and Affected Versions: Anber Elementor Addon versions up to and including 1.0.1 Description: The Anber Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the $item'button link''url' parameter due to insufficient input sanitization...
CVE-2025-43734
A reflected cross-site scripting XSS vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.10, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.16 and 7.4 GA through update 92 allows...
MAL-2025-9667 Malicious code in @wisetail/wds-button (npm)
The package @wisetail/wds-button was found to contain malicious code...