37 matches found
CVE-2026-9308
Firefox for iOS Reader View replaced page content in its HTML template before replacing other internal placeholders. A malicious page could include a placeholder string that was later substituted with JSON-LD data, potentially resulting in arbitrary JavaScript execution. This vulnerability was...
CVE-2025-11454 Specific Content For Mobile – Customize the mobile version without redirections <= 0.5.5 - Authenticated (Contributor+) SQL Injection
The Specific Content For Mobile – Customize the mobile version without redirections plugin for WordPress is vulnerable to SQL Injection via the eosscfmduplicatepostasdraft function in all versions up to, and including, 0.5.5 due to insufficient escaping on the user supplied parameter and lack of...
WordPress Specific Content For Mobile plugin <= 0.5.5 - Authenticated (Contributor+) SQL Injection vulnerability
Authenticated Contributor+ SQL Injection vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Specific Content For Mobile versions <= 0.5.5...
WordPress plugin Specific Content For Mobile – Customize the mobile version without redirections SQL injection vulnerability
WordPress and the WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin...
CVE-2025-10290 Opening links via the contextual menu in Focus for iOS would not update the toolbar UI correctly, allowing attackers to spoof websites
Opening links via the contextual menu in Focus iOS for certain URL schemes would fail to load but would not refresh the toolbar correctly, allowing attackers to spoof websites if users were coerced into opening a link explicitly through a long-press. This vulnerability was fixed in Focus for iOS...
CVE-2025-30874
Missing Authorization vulnerability in Jose Mortellaro Specific Content For Mobile specific-content-for-mobile allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Specific Content For Mobile: from n/a through <= 0.5.3...
WordPress Specific Content For Mobile plugin <= 0.5.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Peter Thaleikis in WordPress Plugin Specific Content For Mobile versions <= 0.5.3...
CVE-2025-30874
CVE-2025-30874 is a Missing Authorization vulnerability in Specific Content For Mobile (WordPress plugin). The issue arises from incorrectly configured access control, enabling exploitation as described in the connected documents. Affected versions: from n/a through 0.5.3. Current status: patched.
CVE-2025-30874 WordPress Specific Content For Mobile plugin <= 0.5.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Jose Mortellaro Specific Content For Mobile specific-content-for-mobile allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Specific Content For Mobile: from n/a through <= 0.5.3...
CVE-2024-29126
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jose Mortellaro Specific Content For Mobile – Customize the mobile version without redirections allows Reflected XSS. This issue affects Specific Content For Mobile – Customize the mobile version...
CVE-2024-29126 WordPress Specific Content For Mobile plugin <= 0.1.9.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jose Mortellaro Specific Content For Mobile – Customize the mobile version without redirections allows Reflected XSS. This issue affects Specific Content For Mobile – Customize the mobile version...
CVE-2023-23869
CVE-2023-23869 is a CSRF vulnerability in the WordPress Google XML Sitemap for Mobile plugin (≤1.6.1). Public entries document an unauthenticated CSRF issue tied to the plugin, with impact described variably: NVD lists high impact (C/H, I/H, A/H) and overall CVSS v3.1 score of 8.8, while Patchsta...
PT-2022-3808 · Mozilla +1 · Firefox +1
Name of the Vulnerable Software and Affected Versions: Firefox for iOS versions prior to 101 Description: The issue is related to a lack of protection against SQL query structure exploitation. This could allow a remote attacker to send specially crafted data to the application, potentially...
CVE-2021-25266
The CVE-2021-25266 entry describes an insecure data storage vulnerability in Sophos Authenticator for Android (
CVE-2021-25266
An insecure data storage vulnerability allows a physical attacker with root privileges to retrieve TOTP secret keys from unlocked phones in Sophos Authenticator for Android version 3.4 and older, and Intercept X for Mobile Android before version 9.7.3495...
Security Bulletin: IBM Security Access Manager Appliance is affected by a vulnerability in NSS (CVE-2017-7805)
Summary IBM Security Access Manager Appliance has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2017-7805 DESCRIPTION: Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in TLS 1.2 generating handshake hashes...
Security Bulletin: IBM Security Access Manager Appliance is affected by a potential information exposure vulnerability (CVE-2017-1480)
Summary IBM Security Access Manager Appliance has addressed the following information exposure vulnerability. Vulnerability Details CVEID: CVE-2017-1480 DESCRIPTION: IBM Security Access Manager Appliance stores potentially sensitive information in log files that could be read by a remote user. CV...
Security Bulletin: IBM Security Access Manager Appliance is affected by an open redirect vulnerability (CVE-2017-1534)
Summary IBM Security Access Manager Appliance has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2017-1534 DESCRIPTION: IBM Security Access Manager Appliance could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim t...