21 matches found
CVE-2026-45307
Speakr is a personal, self-hosted web application designed for transcribing audio recordings. Prior to 0.8.20-alpha, the `is_safe_url` helper used to validate post-login redirect targets applied `urljoin(request.host_url, target)` before parsing, while the controller passed the raw target to `redirect`. A...
CVE-2026-33126
Frigate is a network video recorder (NVR) with real-time local object detection for IP cameras. Prior to version 0.16.3, the `/ffprobe` endpoint accepts arbitrary user-controlled URLs without proper validation, allowing Server-Side Request Forgery (SSRF) attacks. An attacker can use the Frigate server t...
CVE-2026-4302 WowOptin: Next-Gen Popup Maker <= 1.4.29 - Unauthenticated Server-Side Request Forgery via 'link' Parameter in REST API
The WowOptin: Next-Gen Popup Maker plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.4.29. This is due to the plugin exposing a publicly accessible REST API endpoint `optn/v1/integration-action` with a `permission_callback` of `__return_true` that...
WordPress plugin Mixlr Shortcode Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plug-in. A cross-site scriptin...
GHSA-63WH-P5FX-H4VC BBOT's git_clone.py can expose users' GitHub API keys to an attacker-controlled webserver
Summary: Due to unsafe URL handling, bbot's `git_clone.py` can be made to leak a user's github.com API key to an attacker-controlled webserver. Impact: A user who has placed their github.com API key in the configuration for any of the following modules: `github_codesearch`, `github_workflows`, `gitlab`, `git_clone`...
CVE-2025-61784 LLaMA Factory's Chat API has Critical SSRF and LFI Vulnerabilities
LLaMA-Factory is a tuning library for large language models. Prior to version 0.9.4, a Server-Side Request Forgery (SSRF) vulnerability in the chat API allows any authenticated user to force the server to make arbitrary HTTP requests to internal and external networks. This can lead to the exposure ...
EUVD-2018-18117
Malware in sbrugna...
EUVD-2022-7196
Malicious code in bioql PyPI...
Arbitrary Command Execution
github.com/cli/go-gh is vulnerable to Arbitrary command execution. The vulnerability is due to unsafe handling of GitHub-provided URLs, allowing an attacker-controlled GitHub Enterprise Server to replace HTTP URLs with local file paths that could be executed on the user's machine...
CVE-2024-9239
The Booster for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of `add_query_arg` and `remove_query_arg` without appropriate escaping on the URL in all versions up to, and including, 7.2.3. This makes it possible for unauthenticated attackers to inject...
CVE-2024-10878
The Sugar Calendar – Simple Event Management plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of `add_query_arg` and `remove_query_arg` without appropriate escaping on the URL in all versions up to, and including, 3.3.0. This makes it possible for unauthenticated attacker...
WordPress plugin Premium Packages Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerability...
WordPress plugin WordPress Social Share Buttons Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exist...
CVE-2024-9218
The Magazine Blocks – Blog Designer, Magazine & Newspaper Website Builder, Page Builder with Posts Blocks, Post Grid plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of `add_query_arg` without appropriate escaping on the URL in all versions up to, and including,...
CVE-2024-8738
The Seriously Simple Stats plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of `add_query_arg` without appropriate escaping on the URL in all versions up to, and including, 1.6.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts i...
CVE-2022-4794 AAWP < 3.12.3 - Unsafe URL Handling
The AAWP WordPress plugin before 3.12.3 can be used to abuse trusted domains to load malware or other files through it (Reflected File Download) to bypass firewall rules in companies...
AAWP < 3.12.3 - Unsafe URL Handling
The plugin can be used to abuse trusted domains to load malware or other files through it (Reflected File Download) to bypass firewall rules in companies. PoC: `wp-content/aawp/public/image.php?url=<base64-url>` will load and download the file from the base64-decoded URL...
Windows 10 Drive-By RCE Triggered by Default URI Handler
Researchers have discovered a drive-by remote code-execution (RCE) bug in Windows 10 via Internet Explorer 11/Edge Legacy – the EdgeHTML-based browser that's currently the default browser on Windows 10 PCs – and Microsoft Teams. According to a report posted Tuesday by Positive Security, the...