EUVD-2022-55831

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Fix kvzalloc vs statekcalloc usage adrenoshowobject is a trap! It will re-allocate the pointer it is passed on first call, when the data is ascii85 encoded, using kvmalloc/ kvfree. Which means the data passed to it...

CVE-2025-68529

Cross-Site Request Forgery CSRF vulnerability in Rhys Wynne WP Email Capture wp-email-capture allows Cross Site Request Forgery.This issue affects WP Email Capture: from n/a through = 3.12.5...

CVE-2025-68568

Missing Authorization vulnerability in Claspo Popup Builders Claspo – Popups, Spin the Wheel & Email Capture claspo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Claspo – Popups, Spin the Wheel & Email Capture: from n/a through = 1.0.7...

Exploit for Session Fixation in Ollama

CVE-2025-51471 - Ollama Cross-Domain Token Exposure PoC !CVE...

EUVD-2025-205267

Missing Authorization vulnerability in integrationclaspo Popup Builder: Exit-Intent pop-up, Spin the Wheel, Newsletter signup, Email Capture & Lead Generation forms maker claspo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup Builder: Exit-Intent...

EUVD-2025-205193

Cross-Site Request Forgery CSRF vulnerability in Rhys Wynne WP Email Capture wp-email-capture allows Cross Site Request Forgery.This issue affects WP Email Capture: from n/a through = 3.12.5...

CVE-2025-68568

Missing Authorization vulnerability in Claspo Popup Builders Claspo – Popups, Spin the Wheel & Email Capture claspo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Claspo – Popups, Spin the Wheel & Email Capture: from n/a through = 1.0.7...

CVE-2025-68529

Cross-Site Request Forgery CSRF vulnerability in Rhys Wynne WP Email Capture wp-email-capture allows Cross Site Request Forgery.This issue affects WP Email Capture: from n/a through = 3.12.5...

CVE-2025-68529

Technical details for CVE-2025-68529 are not provided in the supplied connected documents. Current information confirms CSRF vulnerability in WP Email Capture

CVE-2025-68529 WordPress WP Email Capture plugin <= 3.12.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Rhys Wynne WP Email Capture wp-email-capture allows Cross Site Request Forgery.This issue affects WP Email Capture: from n/a through = 3.12.5...

PT-2025-53256

Missing Authorization vulnerability in integrationclaspo Popup Builder: Exit-Intent pop-up, Spin the Wheel, Newsletter signup, Email Capture & Lead Generation forms maker claspo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup Builder: Exit-Intent...

WordPress plugin Claspo – Popups, Spin the Wheel & Email Capture 安全漏洞

...

WordPress plugin WP Email Capture 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

PT-2025-53094

Name of the Vulnerable Software and Affected Versions WP Email Capture versions through 3.12.5 Description The software contains a Cross-Site Request Forgery CSRF flaw. This allows attackers to potentially perform actions on behalf of authenticated users without their knowledge. Recommendations...

ClinCapture EDC 安全漏洞

ClinCapture EDC is a clinical trial data capture system from ClinCapture, Inc. A security vulnerability exists in ClinCapture EDC versions 3.0 and 2.2.3, which originates in reflective cross-site scripting and could lead to the execution of JavaScript code by an unauthenticated, remote attacker i...

CVE-2025-65270

CVE-2025-65270 is a reflected XSS vulnerability in ClinCapture EDC versions 2.2.3 and 3.0, allowing an unauthenticated remote attacker to execute JavaScript in the victim’s browser. Root cause involves reflective XSS in ClinCapture EDC. Impact is context of the victim’s browser with low confident...

WordPress Claspo – Popups, Spin the Wheel & Email Capture plugin <= 1.0.7 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Claspo – Popups, Spin the Wheel & Email Capture versions = 1.0.7...

CVE-2023-53901

WBCE CMS 1.6.1 contains a cross-site scripting vulnerability that allows attackers to inject malicious HTML and CSS to capture user keystrokes. Attackers can upload a crafted HTML file with CSS-based keylogging techniques to intercept password characters through background image requests...

CVE-2023-53901 WBCE CMS 1.6.1 Cross-Site Scripting and Open Redirect Vulnerability

WBCE CMS 1.6.1 contains a cross-site scripting vulnerability that allows attackers to inject malicious HTML and CSS to capture user keystrokes. Attackers can upload a crafted HTML file with CSS-based keylogging techniques to intercept password characters through background image requests...

WBCE CMS 安全漏洞

WBCE CMS is a PHP and MySQL based open source content management system CMS from WBCE CMS Open Source. A security vulnerability exists in WBCE CMS version 1.6.1, which stems from a cross-site scripting vulnerability that could allow an attacker to upload malicious HTML files and capture user...