2 matches found
CVE-2026-54192
This entry covers CVE-2026-54192: unauthenticated Reflected XSS in the WordPress Popup box plugin (<= 6.2.9). The descriptor indicates an XSS vulnerability when loading or handling inputs in affected plugin paths, with a CVSS v3.1 base score of 7.1 (HIGH) and user interaction required. The pro...
AZL-25956 CVE-2023-28464 affecting package kernel for versions less than 5.15.122.1-2
hciconncleanup in net/bluetooth/hciconn.c in the Linux kernel through 6.2.9 has a use-after-free observed in hciconnhashflush because of calls to hcidevput and hciconnput. There is a double free that may lead to privilege escalation...