7 matches found
CVE-2026-40765
The CVE-2026-40765 entry details an unauthenticated Cross Site Scripting (XSS) vulnerability in the WordPress collectchat plugin versions
Adobe Commerce 安全漏洞
Adobe Commerce is a leading global digital business solution for businesses and brands offered by Adobe in the United States. There is a security vulnerability in Adobe Commerce, which stems from improper authorization. This vulnerability may allow security features to be bypassed, enabling...
CVE-2026-3584
CVE-2026-3584 – WordPress Kali Forms
EUVD-2026-12369
A security vulnerability has been detected in LB-LINK BL-WR9000 2.4.9. The impacted element is the function sub44D844 of the file /goform/gethidessidcfg. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be...
CVE-2025-68528 WordPress Free Shipping Bar: Amount Left for Free Shipping for WooCommerce plugin <= 2.4.9 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Free Shipping Bar: Amount Left for Free Shipping for WooCommerce amount-left-free-shipping-woocommerce allows Stored XSS.This issue affects Free Shipping Bar: Amount Left for Free Shippin...
CVE-2025-11740 wpForo Forum <= 2.4.9 - Authenticated (Susbscriber+) SQL Injection
The wpForo Forum plugin for WordPress is vulnerable to SQL Injection via the Subscriptions Manager in all versions up to, and including, 2.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
SUSE CVE-2012-1144
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service invalid heap write operation and memory corruption or possibly execute arbitrary code via a crafted TrueType font...