20 matches found
CVE-2026-57763
Contributor Cross Site Scripting XSS in Structured Content = 1.7.0 versions...
WordPress Structured Content plugin <= 1.7.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by zaim in WordPress Plugin Structured Content versions = 1.7.0...
CVE-2026-27051
Incorrect Privilege Assignment vulnerability in uxper Golo golo allows Privilege Escalation.This issue affects Golo: from n/a through = 1.7.0...
CVE-2026-25020
Missing Authorization vulnerability in WP connect WP Sync for Notion wp-sync-for-notion allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Sync for Notion: from n/a through = 1.7.0...
PT-2025-53923
Name of the Vulnerable Software and Affected Versions aizuda snail-job versions up to 1.7.0 Description A flaw exists in the FurySerializer.deserialize function within the API component of aizuda snail-job. This issue involves the deserialization of the argsStr argument, potentially allowing for...
CVE-2025-52758
Unrestricted Upload of File with Dangerous Type vulnerability in Gesundheit Bewegt GmbH Zippy zippy allows Using Malicious Files.This issue affects Zippy: from n/a through = 1.7.0...
CVE-2025-62062 WordPress Easy Post Submission plugin <= 1.7.0 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in ThemeRuby Easy Post Submission easy-post-submission allows Retrieve Embedded Sensitive Data.This issue affects Easy Post Submission: from n/a through = 1.7.0...
EUVD-2025-25974
Malicious code in bioql PyPI...
PT-2025-38805
Name of the Vulnerable Software and Affected Versions Post Carousel Slider for Elementor versions through 1.7.0 Description An authorization issue exists in Post Carousel Slider for Elementor, allowing exploitation due to incorrectly configured access control security levels. Recommendations Upda...
WordPress Golo Theme <= 1.7.0 - Broken Authentication Vulnerability
Broken Authentication Vulnerability discovered by Rau má đậu xanh in WordPress Theme Golo versions = 1.7.0...
WordPress Golo Theme <= 1.7.0 is vulnerable to Broken Authentication
Software Golo Type Theme Vulnerable versions = 1.7.0 Fixed in 1.7.1 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2025-54725 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID a2ab39e8e113 Credits Aiden Required...
WordPress CozyStay theme <= 1.7.0 - Missing Authorization to Arbitrary Action Execution in ajax_handler vulnerability
Missing Authorization to Arbitrary Action Execution in ajaxhandler vulnerability discovered by Lucio Sá in WordPress Theme CozyStay versions = 1.7.0...
WordPress CozyStay theme <= 1.7.0 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Lucio Sá in WordPress Theme CozyStay versions = 1.7.0...
WordPress Automate Hub Free by Sperse.IO plugin <= 1.7.0 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Automate Hub versions = 1.7.0...
WordPress Woolook plugin <= 1.7.0 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by tahu.datar Patchstack Alliance in WordPress Plugin Woolook versions = 1.7.0...
CVE-2024-35732
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in YITH YITH Custom Login allows Stored XSS.This issue affects YITH Custom Login: from n/a through 1.7.0...
WordPress Breakdance plugin <= 1.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Francesco Carlucci in WordPress Plugin Breakdance versions = 1.7.0...
WordPress Plugin CataBlog 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...
apr: Windows out-of-bounds write in apr_socket_sendv function
A flaw was found in Apache Portable Runtime, affecting versions = 1.7.0. This issue may allow a malicious user to write beyond the end of a stack buffer and cause an integer overflow. This affects Windows environments...
PT-2022-18506 · Sick · Sick Sim2000St
Name of the Vulnerable Software and Affected Versions: SICK SIM2000ST versions =1.7.0 Description: A password recovery issue allows an unprivileged remote attacker to invoke the password recovery mechanism method, gaining access to the user level defined as RecoverableUserLevel. This results in...