CVE-2026-12986

A critical vulnerability in Admin GUI in Payara Server Full 4.x, 5.x, 6.x, 7.x, 7.2026.x, 6.2025.x, 6.2024.x on All platforms that allows the attacker to leak the admin gfresttoken to an attacker-controlled host that can result in a full unauthenticated takeover of Payara admin domain. A...

EUVD-2026-38793

A critical vulnerability in Admin GUI in Payara Server Full 4.x, 5.x, 6.x, 7.x, 7.2026.x, 6.2025.x, 6.2024.x on All platforms that allows the attacker to leak the admin gfresttoken to an attacker-controlled host that can result in a full unauthenticated takeover of Payara admin domain. A...

CVE-2024-1363

The Easy Accordion – Best Accordion FAQ Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'accordioncontentsource' attribute in all versions up to, and including, 2.3.4 due to insufficient input sanitization and output escaping. This makes it possible...

CVE-2024-1363

The Easy Accordion – Best Accordion FAQ Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'accordioncontentsource' attribute in all versions up to, and including, 2.3.4 due to insufficient input sanitization and output escaping. This makes it possible...

WordPress Plugin Easy Accordion Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

Outlook Search Indexing Fails on Windows Server 2019 VDA

When setting up a Windows Server 2019 virtual machine with Multi session VDA 1912, Outlook Search Indexing is not function properly. In this scenario, User Profile Management functions as expected, and the OutlookOST and OutlookSearchIndex VHDX disks are properly mounted when user signed in...

WordPress Content Source Control Plugin Directory Traversal Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; ifdescription...

CVE-2014-5368

CVE-2014-5368 affects the WordPress WP Content Source Control plugin (versions 3.0.0 and earlier). A directory traversal vulnerability exists in the downloadfiles/download.php script where user-controlled input in the path parameter can be navigated with “..” to trigger read access via file_get_c...

WordPress WP Content Source Control Plugin - Directory Traversal

This WP Content Source Control plugin is prone to a directory-traversal vulnerability via "download.php". It fails to clean up user-supplied input. Using this plugin allows an attacker to obtain an important information which could aid in further attacks. Solution Upgrade the plugin...