32 matches found
CVE-2026-40779 WordPress Link Library plugin <= 7.8.8 - Arbitrary File Deletion vulnerability
Contributor Arbitrary File Deletion in Link Library = 7.8.8 versions...
CVE-2026-2263 Hustle – Email Marketing, Lead Generation, Optins, Popups <= 7.8.10.2 - Missing Authorization to Unauthenticated Conversion Tracking Data Manipulation
The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'hustlemoduleconverted' AJAX action in all versions up to, and including, 7.8.10.2. This makes it possible for...
openSUSE Security Advisory (SUSE-SU-2026:0858-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EUVD-2024-55395
IBM Db2 Big SQL on Cloud Pak for Data versions 7.6 on CP4D 4.8, 7.7 on CP4D 5.0, and 7.8 on CP4D 5.1 do not properly limit the allocation of system resources. An authenticated user with internal knowledge of the environment could exploit this weakness to cause a denial of service...
CVE-2021-47749
YouPHPTube
PT-2026-2358
Name of the Vulnerable Software and Affected Versions YouPHPTube versions prior to 7.9 Description The software contains a local file inclusion issue that allows unauthenticated attackers to access arbitrary files. This is possible by manipulating the lang parameter in GET requests. The path...
WordPress Gallery with thumbnail slider plugin <= 7.8 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin Gallery with thumbnail slider versions = 7.8...
openSUSE Security Advisory (SUSE-SU-2025:3965-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Advisory (SUSE-SU-2025:3859-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2025-92566203fd)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2025-4f95f160be)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-62005
CVE-2025-62005 is a CSRF vulnerability in WordPress plugin SUMO Memberships for WooCommerce (FantasticPlugins) affecting all versions before 7.8.0. Exploitation could enable a CSRF attack against authenticated users, with the NVD/Wordfence data listing a CVSS v3.1 base score of 7.1 (High) and an ...
CVE-2005-3281
Directory traversal vulnerability in NukeFixes 3.1 for PHP-Nuke 7.8 allows remote attackers to include arbitrary files via the file parameter...
WordPress plugin WP Travel 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
Eaton Foreseer EPMS 安全漏洞
Eaton Foreseer EPMS is a highly customizable web-based software platform from Eaton Corporation. A security vulnerability exists in Eaton Foreseer EPMS prior to version 7.8.600, which arises from an input field that does not check the length and bounds of an input value, which could result in...
WordPress SEOPress plugin < 7.8 - Contributor+ Stored XSS vulnerability
Contributor+ Stored XSS vulnerability discovered by Dmirtii Ignatyev in WordPress Plugin SEOPress versions 7.8...
PT-2024-33319 · WordPress · Seopress
Name of the Vulnerable Software and Affected Versions: SEOPress WordPress plugin versions prior to 7.8 Description: The issue concerns a lack of validation and escaping in one of the Post settings of the SEOPress WordPress plugin. This could allow users with a contributor or higher role to perfor...
WordPress plugin SEOPress security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
PT-2024-33318 · WordPress · Seopress
Name of the Vulnerable Software and Affected Versions: SEOPress WordPress plugin versions prior to 7.8 Description: The issue concerns the SEOPress WordPress plugin, where certain Post settings are not properly sanitized and escaped, potentially allowing high-privilege users, such as contributors...
WordPress plugin SEOPress security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...