PT-2026-48818

The Presto Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'link url' parameter of the presto player overlay shortcode in versions up to, and including, 4.2.0 This is due to insufficient input sanitization and output escaping in the getOverlays function, which...

Linux Distros Unpatched Vulnerability : CVE-2026-46374

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQLFluff is a modular SQL linter and auto-formatter with support for multiple dialects and templated code. Prior to version 4.2.0, in deployments where untruste...

SUSE CVE-2017-18894

An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5, when used as an OAuth 2.0 service provider. Sometimes. resource-owner authorization is bypassed, allowing account takeover...

CVE-2025-62053

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in favethemes Houzez houzez.This issue affects Houzez: from n/a through 4.2.0...

WordPress Estatik plugin <= 4.3.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis in WordPress Plugin Estatik versions = 4.3.0...

WordPress plugin Device Detector 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

PT-2024-31949 · WordPress · The Starter Templates — Elementor

Name of the Vulnerable Software and Affected Versions: The Starter Templates — Elementor, WordPress & Beaver Builder Templates plugin for WordPress versions up to, and including, 4.2.0 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and outp...

Terramaster TOS Path Traversal Vulnerability

Terramaster TOS is a Linux-based operating system dedicated to the erraMaster Cloud Storage NAS server from Shenzhen Tumi Electronic Technology Terramaster in China. A path traversal vulnerability exists in TerraMaster TOS version 4.2.06 and earlier versions, which allows a remote authenticated...

Terramaster TOS Permission License and Access Control Issues Vulnerability

Terramaster TOS is a Linux-based operating system dedicated to the erraMaster Cloud Storage NAS server from Shenzhen Tumi Electronic Technology Terramaster in China. A security vulnerability exists in TerraMaster TOS version 4.2.06 and earlier versions, which can be exploited by a remote,...

QEMU Buffer Overflow Vulnerability (CNVD-2020-35975)

QEMU Quick Emulator is a set of simulation processor software by French software developer Fabrice Bellard. The software is fast, cross-platform and other characteristics. A buffer overflow vulnerability exists in the hw/pci/pci.c file in QEMU version 4.2.0. The vulnerability stems from a network...

CVE-2019-17119

Multiple SQL injection vulnerabilities in Logs.jsp in WiKID 2FA Enterprise Server through 4.2.0-b2053 allow authenticated users to execute arbitrary SQL commands via the source or subString parameter...

Unspecified Vulnerability in Oracle Hospitality Guest Access (CNVD-2017-31510)

Oracle Hospitality Applications is a suite of business applications, servers and storage solutions for hospitality management from Oracle Corporation. The solution provides human resources cost management, provide customers with the entire journey of service tracking management to improve custome...