CVE-2025-13846 Easy Map Creator <= 3.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

The Easy Map Creator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'width' parameter in all versions up to, and including, 3.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acces...

CVE-2025-13846

CVE-2025-13846 concerns the Easy Map Creator WordPress plugin. It specifies a Stored Cross-Site Scripting (XSS) vulnerability via shortcode handling (notably the width attribute) affecting all versions up to and including 3.0.2. The issue requires an attacker to have at least Contributor-level ac...

WordPress plugin Easy Map Creator 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

WordPress plugin LS Google Map Router 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-50825

The LS Google Map Router plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'map type' parameter in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-leve...

PT-2025-50824

The Easy Map Creator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'width' parameter in all versions up to, and including, 3.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acces...

AlmaLinux 10 : grafana (ALSA-2025:23088)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23088 advisory. golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 Tenable has extracted the preceding description block directly from the...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2025-28048)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-28048 advisory. - netfilter: nftables: reject duplicate device on updates Pablo Neira Ayuso Orabug: 38744086 CVE-2025-38678 - PCI: rcar: Demote WARN to...

WordPress LS Google Map Router plugin <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability

Software : LS Google Map Router Type : Plugin Vulnerable versions : = 1.1.0 OWASP Top 10 : A3: Injection Classification : Cross Site Scripting XSS CVE ID : CVE-2025-13850 Patchstack priority : Low CVSS severity : 6.5 Required privilege : Contributor Developer : Claim ownership PSID : b2117d151506...

WordPress Easy Map Creator plugin <= 3.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Attributes vulnerability discovered by Gilang - DJ in WordPress Plugin Easy Map Creator versions = 3.0.2...

CVE-2025-36922

CVE-2025-36922 is a kernel-side issue in bigo_map() within bigo_iommu.c that enables information disclosure via a use-after-free, enabling local privilege escalation with SYSTEM-level execution privileges. Exploitation is not user-initiated. Affected platform details in public postings point to P...

CVE-2025-36922

In bigomap of bigoiommu.c, there is a possible information disclosure due to a use after free. This could lead to local escalation of privilege in the OS Kernel level with System execution privileges needed. User interaction is not needed for exploitation...

EUVD-2025-202855

In bigomap of bigoiommu.c, there is a possible information disclosure due to a use after free. This could lead to local escalation of privilege in the OS Kernel level with System execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-36922

In bigomap of bigoiommu.c, there is a possible information disclosure due to a use after free. This could lead to local escalation of privilege in the OS Kernel level with System execution privileges needed. User interaction is not needed for exploitation...

EUVD-2025-202880

A vulnerability was determined in UTT 进取 512W up to 3.1.7.7-171114. This impacts the function strcpy of the file /goform/formNatStaticMap of the component Endpoint. Executing manipulation of the argument NatBind can lead to buffer overflow. The attack can be launched remotely. The exploit has bee...

RLSA-2025:23087 Moderate: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 For more details about the security issues, including the impact, a CVSS score,...

Google Pixel 安全漏洞

Google Pixel is a smartphone from Google, an American company. Google Pixel suffers from a security vulnerability that stems from the presence of post-release reuse of bigomap in bigoiommu.c, which could lead to local elevation of privilege...

Linux Distros Unpatched Vulnerability : CVE-2023-53778

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - accel/qaic: Clean up integer overflow checking in mapuserpages The encodedma function has some validation on intrans-size but it would be more clear to move...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991209)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991209 advisory. In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix dma queue left shift overflow issue When queue number is 4, left shift overflows...

ALSA-2025:23087 Moderate: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 For more details about the security issues, including the impact, a CVSS score,...