117 matches found
CVE-2026-30841 Wallos: Reflected XSS via unescaped token and email parameters in passwordreset.php
Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.6.2, passwordreset.php outputs $_GET["token"] and $_GET["email"] directly into HTML input value attributes without calling htmlspecialchars(). This allows reflected XSS by breaking out of the attribute...
CVE-2026-30841
CVE-2026-30841 affects Wallos prior to version 4.6.2. The vulnerability is a reflected XSS in passwordreset.php where $_GET["token"] and $_GET["email"] are echoed directly into HTML input value attributes without htmlspecialchars(), allowing an attacker to break out of the attribute context. The ...
joserfc security vulnerability
joserfc is a Python JOSE library developed by Authlib. joserfc versions 1.6.2 and earlier do not validate or bound the p2c (PBES2 PBKDF2 iteration count) parameter in a JWE token header. Because p2c is read from the unauthenticated header before any key is derived, an unauthenticated attacker can cause a denial of service...
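Added example (Python; not joserfc's own code): the missing control is a bound check on p2c performed before any PBKDF2 work, since p2c sits in the attacker-controlled protected header of the token. The floor of 1000 follows the RFC 7518 recommendation and the 1,000,000 cap is an assumption chosen for this example; the sample tokens are constructed here and only their protected-header segment is meaningful.

```python
import base64
import hashlib
import json

# Bounds are assumptions for this example. RFC 7518 section 4.8.1.2 recommends
# at least 1000 iterations; the upper bound is left to the implementation.
MIN_P2C = 1_000
MAX_P2C = 1_000_000

# alg -> (PRF hash for PBKDF2, key-encryption-key length in bytes)
PBES2_ALGS = {
    "PBES2-HS256+A128KW": ("sha256", 16),
    "PBES2-HS384+A192KW": ("sha384", 24),
    "PBES2-HS512+A256KW": ("sha512", 32),
}


class UnsafeHeader(ValueError):
    """Raised when the protected header must not be acted on."""


def b64url_decode(segment: str) -> bytes:
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def parse_protected_header(segment: str) -> dict:
    return json.loads(b64url_decode(segment))


def check_pbes2_header(header: dict, max_p2c: int = MAX_P2C) -> int:
    """Validate alg/p2s/p2c and return p2c. Must run before any PBKDF2 call,
    because p2c is attacker-controlled plaintext in the token."""
    alg = header.get("alg")
    if alg not in PBES2_ALGS:
        raise UnsafeHeader(f"not a PBES2 alg: {alg!r}")
    p2c = header.get("p2c")
    if type(p2c) is not int:            # rejects floats, strings and bools
        raise UnsafeHeader("p2c must be an integer")
    if not MIN_P2C <= p2c <= max_p2c:
        raise UnsafeHeader(f"p2c {p2c} outside [{MIN_P2C}, {max_p2c}]")
    p2s = header.get("p2s")
    try:
        salt_len = len(b64url_decode(p2s)) if isinstance(p2s, str) else 0
    except ValueError:
        salt_len = 0
    if salt_len < 8:                    # RFC 7518 section 4.8.1.1 minimum
        raise UnsafeHeader("p2s must be base64url of at least 8 bytes")
    return p2c


def derive_kek(password: bytes, header: dict) -> bytes:
    """PBES2 key-encryption key per RFC 7518: salt = alg || 0x00 || p2s."""
    p2c = check_pbes2_header(header)
    prf, key_len = PBES2_ALGS[header["alg"]]
    salt = header["alg"].encode() + b"\x00" + b64url_decode(header["p2s"])
    return hashlib.pbkdf2_hmac(prf, password, salt, p2c, dklen=key_len)


def classify_token(compact_jwe: str) -> str:
    """Return 'ok' or the rejection reason, looking only at the protected header."""
    header = parse_protected_header(compact_jwe.split(".", 1)[0])
    try:
        check_pbes2_header(header)
    except UnsafeHeader as exc:
        return str(exc)
    return "ok"


# Constructed sample tokens: only the protected-header segment is meaningful;
# the remaining four segments are placeholders.
SALT = b64url_encode(b"\x01" * 16)
BENIGN_JWE = b64url_encode(json.dumps({"alg": "PBES2-HS256+A128KW", "enc": "A128GCM",
                                       "p2s": SALT, "p2c": 4096}).encode()) + ".a.b.c.d"
HOSTILE_JWE = b64url_encode(json.dumps({"alg": "PBES2-HS256+A128KW", "enc": "A128GCM",
                                        "p2s": SALT, "p2c": 2**31 - 1}).encode()) + ".a.b.c.d"

if __name__ == "__main__":
    for name, tok in (("benign", BENIGN_JWE), ("hostile", HOSTILE_JWE)):
        print(f"{name}: {classify_token(tok)}")
```

The check is deliberately separate from derive_kek so it can also run in a gateway or pre-filter that never decrypts; the hostile header above would otherwise cost roughly two billion HMAC invocations per token.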
CVE-2025-13587
The Two Factor (2FA) Authentication via Email plugin for WordPress is vulnerable to Two-Factor Authentication Bypass in versions up to, and including, 1.9.8. This is because the SS88_2FAVE::wp_login() method only enforces the 2FA requirement if the 'token' HTTP GET parameter is undefined, which makes i...
CVE-2025-13587
CVE-2025-13587 affects the WordPress plugin “Two Factor (2FA) Authentication via Email” up to version 1.9.8. The root cause is that SS88_2FAVE::wp_login() only enforces 2FA when the 'token' parameter is undefined; providing any value (including empty) for token during login bypasses 2FA. The acco...
CVE-2025-13587 Two Factor (2FA) Authentication via Email <= 1.9.8 - Two-Factor Authentication Bypass via token
The Two Factor (2FA) Authentication via Email plugin for WordPress is vulnerable to Two-Factor Authentication Bypass in versions up to, and including, 1.9.8. This is because the SS88_2FAVE::wp_login() method only enforces the 2FA requirement if the 'token' HTTP GET parameter is undefined, which makes i...
PT-2026-20601
Name of the Vulnerable Software and Affected Versions: Two Factor (2FA) Authentication via Email plugin for WordPress, versions up to and including 1.9.8. Description: The Two Factor (2FA) Authentication via Email plugin for WordPress is susceptible to a bypass of the two-factor authentication mechanism...
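Added example (Python; not the plugin's code) modelling the logic described in the CVE-2025-13587 entries above: a login that gates the second factor on whether the 'token' key exists rather than on whether its value matches a code the server issued. The credential store, the pending-token table and the user are constructed for this example; the hardened variant is one correct shape, not the plugin's actual fix.

```python
import hmac
import secrets

# Constructed credential store and pending-code table for this example.
PASSWORDS = {"alice": "correct horse battery"}
PENDING_2FA = {}   # user -> one-time code the e-mail step handed out


def issue_email_token(user: str) -> str:
    """Stand-in for the e-mail step: mint a one-time code and remember it."""
    code = secrets.token_urlsafe(32)
    PENDING_2FA[user] = code
    return code


def password_ok(user: str, password: str) -> bool:
    return hmac.compare_digest(PASSWORDS.get(user, "").encode(), password.encode())


def vulnerable_login(user: str, password: str, params: dict) -> str:
    """params plays the role of $_GET. Returns 'denied', 'need_2fa' or 'logged_in'.

    The only condition under which the second factor is enforced is the
    absence of the 'token' key; its value is never compared with anything."""
    if not password_ok(user, password):
        return "denied"
    if "token" not in params:
        issue_email_token(user)
        return "need_2fa"
    return "logged_in"          # ?token= (empty) or ?token=anything lands here


def hardened_login(user: str, password: str, params: dict) -> str:
    """The second factor is required unless the supplied token equals the one
    this server issued for this user, compared in constant time and used once."""
    if not password_ok(user, password):
        return "denied"
    expected = PENDING_2FA.get(user)
    if expected is None:
        issue_email_token(user)
        return "need_2fa"
    supplied = params.get("token")
    if not isinstance(supplied, str) or not hmac.compare_digest(expected.encode(), supplied.encode()):
        return "need_2fa"       # present-but-wrong is treated exactly like absent
    del PENDING_2FA[user]       # single use
    return "logged_in"


if __name__ == "__main__":
    probe = {"token": ""}       # the bypass request: key present, value empty
    print("vulnerable:", vulnerable_login("alice", "correct horse battery", probe))
    PENDING_2FA.clear()
    print("hardened:  ", hardened_login("alice", "correct horse battery", probe))
```

The difference to look for in a code review is that the hardened path never branches on the presence of the parameter: it always looks up server-side state first and only then compares the client value against it.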
CVE-2024-5386
In lunary-ai/lunary version 1.2.2, an account hijacking vulnerability exists due to a password reset token leak. A user with a 'viewer' role can exploit this vulnerability to hijack another user's account by obtaining the password reset token. The vulnerability is triggered when the 'viewer' role...
CVE-2025-13863
The RevInsite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the token parameter in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...
EUVD-2025-201520
The RevInsite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the token parameter in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...
CVE-2025-13863
RevInsite is a WordPress plugin vulnerable to stored cross-site scripting (XSS) in versions up to 1.1.0 due to insufficient input sanitization and output escaping. The vulnerability enables an authenticated attacker with Contributor+ privileges to inject scripts via shortcode attributes (token/re...
CVE-2025-13863 RevInsite <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
The RevInsite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the token parameter in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...
PT-2025-49348
The RevInsite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the token parameter in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...
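Added example (Python; not Wallos or RevInsite code) for the bug class shared by the CVE-2026-30841 and CVE-2025-13863 entries above: a value placed inside a quoted HTML attribute without attribute-context encoding. It renders the two input fields the way the Wallos entry describes (raw echo) beside an encoded version, then tokenizes the result with the standard-library HTML parser to show which attributes a browser would actually see. The payload, the e-mail address and the template are constructed for this example; html.escape(quote=True) stands in for htmlspecialchars with ENT_QUOTES.

```python
import html
from html.parser import HTMLParser


def render_vulnerable(token: str, email: str) -> str:
    """Mirrors echoing request parameters straight into quoted attributes."""
    return (f'<input type="hidden" name="token" value="{token}">'
            f'<input type="email" name="email" value="{email}">')


def render_escaped(token: str, email: str) -> str:
    """html.escape(quote=True) encodes & < > " and ', which is what
    htmlspecialchars($v, ENT_QUOTES, 'UTF-8') does in PHP."""
    return (f'<input type="hidden" name="token" value="{html.escape(token, quote=True)}">'
            f'<input type="email" name="email" value="{html.escape(email, quote=True)}">')


class InputCollector(HTMLParser):
    """Collects the attributes of every <input>, as a browser would tokenize them."""

    def __init__(self):
        super().__init__()
        self.inputs = []

    def handle_starttag(self, tag, attrs):
        if tag == "input":
            self.inputs.append(dict(attrs))


def parse_inputs(markup: str) -> list:
    parser = InputCollector()
    parser.feed(markup)
    parser.close()
    return parser.inputs


def breakout_attributes(markup: str) -> set:
    """Attribute names that are not part of the template. A non-empty result
    means the reflected value closed the quote and injected its own attributes."""
    expected = {"type", "name", "value"}
    return {k for inp in parse_inputs(markup) for k in inp} - expected


# Constructed payload: closes the value attribute, then adds an event handler
# that fires without user interaction.
PAYLOAD = '" autofocus onfocus="alert(document.domain)'
EMAIL = "victim@example.invalid"

if __name__ == "__main__":
    for label, render in (("vulnerable", render_vulnerable), ("escaped", render_escaped)):
        out = render(PAYLOAD, EMAIL)
        print(f"{label}: injected attrs = {sorted(breakout_attributes(out)) or 'none'}")
        print("  ", out)
```

The same encoder applies to the stored case in the RevInsite entries, where the value arrives from a shortcode attribute instead of a query string: the context that matters is the output position, not the input source. If the template used single-quoted attributes, encoding without the quote option would leave the breakout open, which is why ENT_QUOTES (or quote=True here) is the safe default.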
EUVD-2016-5456
Malware in sbrugna...
EUVD-2014-4895
Malware in sbrugna...
EUVD-2022-4675
Malicious code in bioql PyPI...