54 matches found
CVE-2025-69111
Unauthenticated PHP Object Injection in Reisen = 1.4.1 versions...
CVE-2026-40738 WordPress Eldon theme <= 1.4.1 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in Eldon = 1.4.1 versions...
CVE-2026-27429 WordPress Nifty theme <= 1.4.1 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in Nifty = 1.4.1 versions...
PT-2026-50106
Unauthenticated PHP Object Injection in Playroom = 1.4.1 versions...
CVE-2026-10567
A security vulnerability has been detected in 1Panel-dev CordysCRM up to 1.4.1. This impacts the function Save of the file src/main/java/cn/cordys/crm/system/service/ModuleFormService.java of the component ModuleFormController. The manipulation of the argument Description leads to cross site...
CVE-2026-32338
Missing Authorization vulnerability in raratheme Construction Landing Page construction-landing-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Construction Landing Page: from n/a through = 1.4.1...
EUVD-2026-15596
Deserialization of Untrusted Data vulnerability in NooTheme Jobica Core jobica-core allows Object Injection.This issue affects Jobica Core: from n/a through = 1.4.1...
EUVD-2026-13992
Cross-Site Request Forgery CSRF vulnerability in Copyscape Copyscape Premium copyscape-premium allows Cross Site Request Forgery.This issue affects Copyscape Premium: from n/a through = 1.4.1...
CVE-2026-32429 WordPress Magical Addons For Elementor plugin <= 1.4.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Noor Alam Magical Addons For Elementor magical-addons-for-elementor allows Stored XSS.This issue affects Magical Addons For Elementor: from n/a through = 1.4.1...
PT-2026-25185
Missing Authorization vulnerability in raratheme Construction Landing Page construction-landing-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Construction Landing Page: from n/a through = 1.4.1...
CVE-2026-27643
free5GC UDR is the user data repository UDR for free5GC, an an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.1, the NEF component reliably leaks internal parsing error details e.g., invalid character 'n' after top-level value to remote clients...
CVE-2025-69252
The issue (CVE-2025-69252) affects the free5GC UDM component and its UDM service. It is a NULL pointer dereference in versions up to and including 1.4.1, allowing remote unauthenticated attackers to trigger a service panic (Denial of Service) by sending a crafted PUT request with an unexpected ue...
WordPress ElementInvader Addons for Elementor plugin <= 1.4.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin ElementInvader Addons for Elementor versions = 1.4.1...
CVE-2026-24966
Cross-Site Request Forgery CSRF vulnerability in Copyscape Copyscape Premium copyscape-premium allows Cross Site Request Forgery.This issue affects Copyscape Premium: from n/a through = 1.4.1...
CVE-2025-62133
Cross-Site Request Forgery CSRF vulnerability in manidoraisamy FormFacade formfacade allows Cross Site Request Forgery.This issue affects FormFacade: from n/a through = 1.4.1...
CVE-2025-62133
Cross-Site Request Forgery CSRF vulnerability in manidoraisamy FormFacade formfacade allows Cross Site Request Forgery.This issue affects FormFacade: from n/a through = 1.4.1...
CVE-2025-52742
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Igor Benic Pets pets allows Reflected XSS.This issue affects Pets: from n/a through = 1.4.1...
WordPress Memberlite Shortcodes plugin <= 1.4.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by zaim in WordPress Plugin Memberlite Shortcodes versions = 1.4.1...
WordPress WPCasa plugin <= 1.4.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by muhammad yudha in WordPress Plugin WPCasa versions = 1.4.1...
EUVD-2025-28359
Malicious code in bioql PyPI...