WordPress Memberlite Shortcodes plugin <= 1.4.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by zaim in WordPress Plugin Memberlite Shortcodes versions = 1.4.1...

EUVD-2019-12058

Malware in sbrugna...

EUVD-2020-22420

Malware in sbrugna...

EUVD-2020-7026

Malware in sbrugna...

EUVD-2019-12619

Malware in sbrugna...

EUVD-2022-26722

Malicious code in bioql PyPI...

EUVD-2023-26075

Malicious code in bioql PyPI...

Debian: Security Advisory (DLA-4189-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: There is an Out-of-Bounds write vulnerability in MIT's Kerberos 5 that is shipped with IBM TXSeries for Multiplatforms (CVE-2025-24528).

Summary There is an Out-of-Bounds write vulnerability in MIT's Kerberos 5 that is shipped with IBM TXSeries for Multiplatforms CVE-2025-24528. MIT's Kerberos 5 is a network authentication protocol that is used by IBM TXSeries for Multiplatforms. An update to IBM TXSeries for Multiplatforms has be...

WordPress Botnet Attack Blocker plugin <= 2.0.0 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin Botnet Attack Blocker versions = 2.0.0...

Security Bulletin: IBM SPSS Analytic Server is affected by vulnerability in Netty (CVE-2022-41915)

Summary Netty is used by IBM SPSS Analytic Server. The latest patch includes Netty 4.1.109.Final to fix the vulnerability. Vulnerability Details CVEID:CVE-2022-41915 DESCRIPTION: Netty is vulnerable to HTTP response splitting attacks, caused by a flaw when calling DefaultHttpHeaders.set with an...

Security Bulletin: IBM Sterling Global High Availability Mailbox is affected by IBM WebSphere Application Server Liberty is vulnerable to information disclosure due to Apache Santuario (CVE-2023-44483)

Summary IBM Sterling Global High Availability Mailbox is affected by a vulnerability in the Apache Santuario library used by IBM WebSphere Application Server Liberty when the wsSecurity-1.1, wsSecuritySaml-1.1 or samlWeb-2.0 feature is enabled. Vulnerability Details CVEID:CVE-2023-44483...

WordPress Simple Social Share Block Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Simple Social Share Block Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51865 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 8b3f455be888 Credits SOPROBRO Required privilege...

Security Bulletin: IBM CICS TX Standard is vulnerable to Cross-site Scripting (Reflected) and Cross-Site Request Forgery (CSRF).

Summary Webpages that are shipped as part of IBM CICS TX Standard are vulnerable to Cross-site Scripting Reflected and Cross-Site Request Forgery CSFR. Updates to IBM CICS TX Standard have been released to address this vulnerability. Vulnerability Details CVEID:CVE-2024-41745 DESCRIPTION: IBM CIC...

Security Bulletin: Vulnerability in Go affects watsonx.data

Summary Golang Go is vulnerable to HTTP request smuggling, caused by a flaw when using MaxBytesHandler. This could affect watsonx.data. Vulnerability Details CVEID:CVE-2022-41721 DESCRIPTION: Golang Go is vulnerable to HTTP request smuggling, caused by a flaw when using MaxBytesHandler. By sendin...

WordPress Team Showcase Plugin <= 1.22.23 is vulnerable to Cross Site Scripting (XSS)

Software Team Showcase Type Plugin Vulnerable versions = 1.22.23 Fixed in 1.22.24 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43321 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 48667d784b23 Credits LVT-tholv2k Required privilege...

WordPress ConeBlog – WordPress Blog Widgets Plugin <= 1.4.8 is vulnerable to Cross Site Scripting (XSS)

Software ConeBlog – WordPress Blog Widgets Type Plugin Vulnerable versions = 1.4.8 Fixed in 1.4.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37918 Patch priority Low CVSS severity Low 6.5 Developer WP Cone PSID 955179e335e5 Credits João Pedro S Alcântara Kinor...

WordPress The Post Grid Plugin <= 7.7.1 is vulnerable to Cross Site Scripting (XSS)

Software The Post Grid Type Plugin Vulnerable versions = 7.7.1 Fixed in 7.7.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-35739 Patch priority Low CVSS severity Low 6.5 Developer Mamunur Rashid PSID 3801d97a66a9 Credits SouzaZinn Required privilege Contributor...

WordPress Classified Listing Plugin <= 3.0.10.3 is vulnerable to Broken Access Control

Software Classified Listing Type Plugin Vulnerable versions = 3.0.10.3 Fixed in 3.0.11 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3893 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 79fa3de2925e Credits Lucio Sá Required...

WordPress FluentForm Plugin <= 5.1.9 is vulnerable to Cross Site Scripting (XSS)

Software FluentForm Type Plugin Vulnerable versions = 5.1.9 Fixed in 5.1.10 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6957 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID ac30a92484ee Credits drop Required privilege...