CVE-2025-14716

creationtimestamp| type| source ---|---|--- 2026-03-19 10:16:14+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2025-14716 2026-03-19 12:28:13+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhfytvmznw2v...

EUVD-2026-11973

Missing Authorization vulnerability in vowelweb VW Pet Shop vw-pet-shop allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Pet Shop: from n/a through = 1.4.7...

MiracleLinux 8 : mariadb:10.3 (AXSA:2021-1477:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1477:01 advisory. mariadb: Insufficient SST method name check leading to code injection in mysql-wsrep CVE-2020-15180 mysql: InnoDB unspecified vulnerability CPU Oct...

WeRSS 代码问题漏洞

WeRSS is a WeChat public number system by Rachel open source. A code issue vulnerability exists in WeRSS 1.4.7 and earlier versions, which stems from incorrect manipulation of the parameter webhookurl in the component Webhook Module, which could lead to server-side request forgery...

WordPress plugin WP Plugin Manager 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in the WordPress WP Manager plugin, which arises from a web application that does not adequately validate that a request is...

CVE-2025-60074

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Processby Lazy Load Optimizer lazy-load-optimizer allows PHP Local File Inclusion.This issue affects Lazy Load Optimizer: from n/a through = 1.4.7...

WordPress Lazy Load Optimizer plugin <= 1.4.7 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by LVT-tholv2k in WordPress Plugin Lazy Load Optimizer versions = 1.4.7...

WordPress plugin ReConstruction 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

CVE-2022-36872

Pending Intent hijacking vulnerability in SpayNotification in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent...

FlatCore Arbitrary File Upload Vulnerability

flatCore is a lightweight content management system CMS based on PHP and SQLite. A security vulnerability exists in the acp/acp.php file in flatCore version 1.4.7. No details of the vulnerability are provided at this time...

Kanboard Design Vulnerability (CNVD-2017-30950)

Kanboard is a French software developer Frederic Guillot developed a set of open source visualization task board software. The software supports customization of the panel according to the business, task dragging and so on. A security vulnerability exists in Kanboard versions prior to 1.0.47. An...