5845 matches found
Attackers Actively Exploiting Critical Vulnerability in Everest Forms Pro Plugin
On March 30th, 2026, we publicly disclosed a critical Remote Code Execution vulnerability in Everest Forms Pro, a WordPress plugin with an estimated 4,000 active installations. This vulnerability can be leveraged by unauthenticated attackers to execute arbitrary PHP code on the server, leading to...
ROOT-OS-UBUNTU-2404-CVE-2025-38468 CVE-2025-38468 in rootio-linux - Patched by Root
Root has patched CVE-2025-38468 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2026-23214 CVE-2026-23214 in rootio-linux - Patched by Root
Root has patched CVE-2026-23214 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-37759 CVE-2025-37759 in rootio-linux - Patched by Root
Root has patched CVE-2025-37759 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2026-31780 CVE-2026-31780 in rootio-linux - Patched by Root
Root has patched CVE-2026-31780 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-38697 CVE-2025-38697 in rootio-linux - Patched by Root
Root has patched CVE-2025-38697 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-38481 CVE-2025-38481 in rootio-linux - Patched by Root
Root has patched CVE-2025-38481 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-21863 CVE-2025-21863 in rootio-linux - Patched by Root
Root has patched CVE-2025-21863 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2022-49940 CVE-2022-49940 in rootio-linux - Patched by Root
Root has patched CVE-2022-49940 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-38604 CVE-2025-38604 in rootio-linux - Patched by Root
Root has patched CVE-2025-38604 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2026-31474 CVE-2026-31474 in rootio-linux - Patched by Root
Root has patched CVE-2026-31474 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2026-46173 CVE-2026-46173 in rootio-linux - Patched by Root
Root has patched CVE-2026-46173 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2026-43465 CVE-2026-43465 in rootio-linux - Patched by Root
Root has patched CVE-2026-43465 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-38087 CVE-2025-38087 in rootio-linux - Patched by Root
Root has patched CVE-2025-38087 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
NeDi 1.9C - Cross-Site Scripting
NeDi 1.9C is vulnerable to cross-site scripting because of an incorrect implementation of sanitize in inc/libmisc.php. This function attempts to escape the SCRIPT tag from user-controllable values, but can be easily bypassed, as demonstrated by an onerror attribute of an IMG element as a...
mooSocial v.3.1.8 - Cross-Site Scripting
Cross-Site Scripting XSS vulnerability in mooSocial v.3.1.8 allows a remote attacker to execute arbitrary code via a crafted payload to the mode parameter of the invite friend login function. id: CVE-2023-44813 info: name: mooSocial v.3.1.8 - Cross-Site Scripting author: ritikchaddha severity:...
Movies <= 0.6 - Cross-Site Scripting
A cross-site scripting vulnerability in the Movies plugin 0.6 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filename parameter to getid3/demos/demo.mimeonly.php. id: CVE-2014-4539 info: name: Movies = 0.6 - Cross-Site Scripting author: daffainfo...
Odoo <= 8.0-20160726 & 9.0 - Open Redirect
An Open Redirect vulnerability in Odoo versions = 8.0-20160726 and 9.0. This issue allows an attacker to redirect users to untrusted sites via a crafted URL. id: CVE-2017-5871 info: name: Odoo = 8.0-20160726 & 9.0 - Open Redirect author: 1337rokudenashi severity: medium description: | An Open...
mooSocial 3.1.8 - External Service Interaction
mooSocial 3.1.8 is vulnerable to external service interaction via multiple parameters in the post function. id: CVE-2023-43323 info: name: mooSocial 3.1.8 - External Service Interaction author: ritikchaddha severity: medium description: | mooSocial 3.1.8 is vulnerable to external service...
Cherokee HTTPD <=0.5 - Cross-Site Scripting
Cherokee HTTPD 0.5 and earlier contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary web script or HTML via a malformed request that generates an HTTP 400 error, which is not properly handled when the error message is generated. id: CVE-2006-1681 info:...