13572 matches found
EUVD-2026-40385
IBM App Connect Enterprise 13.0.1.0 through 13.0.7.2, and 12.0.1.0 through 12.0.12.26 and IBM Integration Bus for z/OS 10.1.0.0 through 10.1.0.7 is vulnerable to SQL injection. A remote attacker could socially engineer a user into accidentally creating files they may not be aware of...
CVE-2026-8655
creationtimestamp| type| source ---|---|--- 2026-06-30 13:55:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpj5rn3s4x2w 2026-06-30 22:01:06+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0216 2026-07-01 01:00:46+00:00| seen|...
WordPress Easy Social Icons Plugin < 3.0.9 - Cross-Site Scripting
The Easy Social Icons plugin = 3.0.8 for WordPress echoes out the raw value of $SERVER'PHPSELF' in its main file. On certain configurations including Apache+modPHP this makes it possible to use it to perform a reflected cross-site scripting attack by injecting malicious code in the request path...
Social Auto Poster <= 5.3.14 - Stored Cross-Site Scripting
Social Auto Poster plugin for WordPress versions up to 5.3.14 contains a stored cross-site scripting caused by insufficient sanitization and escaping of 'mapTypes' parameter in the 'wpwautopostermapwordpressposttype' AJAX function, letting unauthenticated attackers inject and execute arbitrary...
Miniorange Social Login and Register <= 7.6.3 - Authentication Bypass
The WordPress Social Login and Register Discord, Google, Twitter, LinkedIn plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 7.6.4. This is due to insufficient encryption on the user being supplied during a login validated through the plugin. This makes...
CVE-2026-12243
creationtimestamp| type| source ---|---|--- 2026-06-30 01:30:29+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mphu4lougb2t 2026-06-30 01:30:32+00:00| seen| https://infosec.exchange/users/offseq/statuses/116836468435158836 2026-06-30 01:43:05+00:00| seen|...
CVE-2026-8023
creationtimestamp| type| source ---|---|--- 2026-06-30 00:00:39+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mphp3wwrcd2d 2026-06-30 00:00:42+00:00| seen| https://infosec.exchange/users/offseq/statuses/116836115168562466 2026-06-30 00:06:29+00:00| seen|...
CVE-2026-34592
creationtimestamp| type| source ---|---|--- 2026-06-29 23:43:05+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpho4kfo3b2t 2026-06-30 02:42:03+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mphy4l7znf2i...
CVE-2026-50229
creationtimestamp| type| source ---|---|--- 2026-06-29 21:40:40+00:00| seen| https://bsky.app/profile/malwareobserver.bsky.social/post/3mphhbocbak2p 2026-06-29 22:19:25+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mphjgx4ff32q 2026-06-29 23:32:51+00:00| seen|...
CVE-2026-53427
creationtimestamp| type| source ---|---|--- 2026-06-29 21:27:49+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mphgkomq3j2e 2026-06-29 21:55:47+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mphi4owxku22...
CVE-2026-46406
creationtimestamp| type| source ---|---|--- 2026-06-29 20:18:14+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mphcoay45w25...
CVE-2026-57960
creationtimestamp| type| source ---|---|--- 2026-06-29 19:12:53+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mph6z64moj2y 2026-06-29 21:14:38+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mphfskffom2b...
CVE-2026-13748
creationtimestamp| type| source ---|---|--- 2026-06-29 16:57:17+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpgxgwqtm22n 2026-06-29 16:57:19+00:00| seen| https://bsky.app/profile/qiancx.bsky.social/post/3mpgxgz7qpg2v 2026-06-29 17:53:30+00:00| seen|...
CVE-2026-55607
creationtimestamp| type| source ---|---|--- 2026-06-29 16:10:20+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpgusuta6d2b...
CVE-2026-56457
creationtimestamp| type| source ---|---|--- 2026-06-29 16:04:57+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpgujdz3qn2w 2026-06-29 16:04:57+00:00| seen| https://bsky.app/profile/qiancx.bsky.social/post/3mpgujdy5vf2t 2026-06-29 20:13:24+00:00| seen|...
CVE-2026-40521
creationtimestamp| type| source ---|---|--- 2026-06-29 15:56:42+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpgu2m53jc2d 2026-06-29 15:58:18+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpgu5hdagc2j...
CVE-2026-13543
creationtimestamp| type| source ---|---|--- 2026-06-29 08:43:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpg3umb4vk2y 2026-06-29 11:21:20+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpgeo73rxb2b 2026-06-29 12:41:08+00:00| seen|...
CVE-2026-13539
creationtimestamp| type| source ---|---|--- 2026-06-29 07:55:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpfz6rgc6q2y 2026-06-29 08:00:48+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mpfzhmjhwp26 2026-06-29 10:53:23+00:00| seen|...
Sassy Social Share <= 3.3.3 - Cross-Site Scripting
The Sassy Social Share plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'urls' parameter called via the 'heateorssssharingcount' AJAX action in versions up to, and including, 3.3.3 due to insufficient input sanitization and output escaping. This makes it possible for...
WordPress Widgets for Social Photo Feed <= 1.8 - Information Disclosure
Widgets for Social Photo Feed WordPress plugin = 1.8 contains a broken access control caused by missing capability checks on specific REST API endpoints, letting unauthenticated attackers access and modify plugin settings remotely. id: CVE-2025-14726 info: name: WordPress Widgets for Social Photo...