CVE-2025-68162

In JetBrains TeamCity before 2025.11 maven embedder allowed loading extensions via project configuration...

CVE-2025-68162

In JetBrains TeamCity before 2025.11 maven embedder allowed loading extensions via project configuration...

CVE-2025-68162

JetBrains TeamCity: CVE-2025-68162 affects the maven embedder in TeamCity versions before 2025.11, allowing loading of extensions via project configuration. The published metrics indicate a low overall severity (CVSS 3.1: Confidentiality None, Integrity Low, Availability None; Privileges Required...

PT-2025-51713

In JetBrains TeamCity before 2025.11 maven embedder allowed loading extensions via project configuration...

JetBrains TeamCity 安全漏洞

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides features such as continuous unit testing, code quality analysis and build issue analysis reports. A security vulnerability exists in JetBrains TeamCity...

EUVD-2025-203381

The Convercent Whistleblowing Platform operated by EQS Group contains a protection mechanism failure in its browser and session handling. By default, affected deployments omit HTTP security headers such as Content-Security-Policy, Referrer-Policy, Permissions-Policy, Cross-Origin-Embedder-Policy,...

WordPress UseStrict's Calendly Embedder plugin <= 1.1.7.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nabil Irawan in WordPress Plugin UseStricts Calendly Embedder versions = 1.1.7.2...

PT-2025-51235

Name of the Vulnerable Software and Affected Versions Convercent Whistleblowing Platform versions affected versions not specified Description The application exhibits a protection mechanism failure in browser and session handling. It lacks essential HTTP security headers, including...

CVE-2025-67555

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in useStrict UseStrict's Calendly Embedder cal-embedder-lite allows Stored XSS.This issue affects UseStrict's Calendly Embedder: from n/a through = 1.1.7.2...

EUVD-2025-202091

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in useStrict UseStricts Calendly Embedder cal-embedder-lite allows Stored XSS.This issue affects UseStricts Calendly Embedder: from n/a through = 1.1.7.2...

CVE-2025-34413

Legality WHISTLEBLOWING by DigitalPA contains a protection mechanism failure in which critical HTTP security headers are not emitted by default. Affected deployments omit Content-Security-Policy, Referrer-Policy, Permissions-Policy, Cross-Origin-Embedder-Policy, Cross-Origin-Opener-Policy, and...

CVE-2025-34413

CVE-2025-34413 affects DigitalPA Legality WHISTLEBLOWING. The protection mechanism failure is due to omission of critical HTTP security headers by default: Content-Security-Policy, Referrer-Policy, Permissions-Policy, Cross-Origin-Embedder-Policy, Cross-Origin-Opener-Policy, and Cross-Origin-Reso...

CVE-2025-34413 Legality WHISTLEBLOWING Missing Critical HTTP Security Headers

Legality WHISTLEBLOWING by DigitalPA contains a protection mechanism failure in which critical HTTP security headers are not emitted by default. Affected deployments omit Content-Security-Policy, Referrer-Policy, Permissions-Policy, Cross-Origin-Embedder-Policy, Cross-Origin-Opener-Policy, and...

CVE-2025-34413 Legality WHISTLEBLOWING Missing Critical HTTP Security Headers

Legality WHISTLEBLOWING by DigitalPA contains a protection mechanism failure in which critical HTTP security headers are not emitted by default. Affected deployments omit Content-Security-Policy, Referrer-Policy, Permissions-Policy, Cross-Origin-Embedder-Policy, Cross-Origin-Opener-Policy, and...

CVE-2025-67555

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in useStrict UseStrict's Calendly Embedder cal-embedder-lite allows Stored XSS.This issue affects UseStrict's Calendly Embedder: from n/a through = 1.1.7.2...

CVE-2025-67555

CVE-2025-67555 is an XSS vulnerability in UseStrict’s Calendly Embedder (cal-embedder-lite) for WordPress, affected versions up to and including 1.1.7.2. The Wordfence Vulnerability Report confirms this entry and classifies it as a stored cross-site scripting issue caused by improper input handli...

CVE-2025-67555 WordPress UseStrict's Calendly Embedder plugin <= 1.1.7.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in useStrict UseStrict's Calendly Embedder cal-embedder-lite allows Stored XSS.This issue affects UseStrict's Calendly Embedder: from n/a through = 1.1.7.2...

CVE-2025-67555 WordPress UseStrict's Calendly Embedder plugin <= 1.1.7.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in useStrict UseStrict's Calendly Embedder cal-embedder-lite allows Stored XSS.This issue affects UseStrict's Calendly Embedder: from n/a through = 1.1.7.2...

PT-2025-50148

Name of the Vulnerable Software and Affected Versions Legality WHISTLEBLOWING by DigitalPA affected versions not specified Description A protection mechanism failure exists due to the omission of critical HTTP security headers by default. Specifically, Content-Security-Policy, Referrer-Policy,...

WordPress plugin UseStrict Calendly Embedder 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...