PT-2026-20335

Name of the Vulnerable Software and Affected Versions Beetel 777VR1 versions up to 01.00.09 Description A security issue exists in Beetel 777VR1 up to version 01.00.09, related to the Telnet Service/SSH Service component. The issue involves insecure default initialization of a resource and can be...

PT-2025-44626

Name of the Vulnerable Software and Affected Versions Afterlogic Aurora webmail versions 9.8.3 and below Description A cross-site scripting XSS issue exists in Afterlogic Aurora webmail. An attacker can send a specially crafted HTML email message containing JavaScript within an img HTML tag. This...

PT-2025-44253

Name of the Vulnerable Software and Affected Versions ThemeSphere SmartMag versions through 10.3.0 Description The software contains a flaw related to improper control of filename handling for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion...

PT-2025-43702

Name of the Vulnerable Software and Affected Versions Genesis Framework theme for WordPress versions up to and including 3.6.0 Description The Open Source Genesis Framework theme for WordPress is susceptible to Stored Cross-Site Scripting through its shortcodes. Insufficient input sanitization an...

PT-2025-33656 · Ibm · Ibm Concert

Name of the Vulnerable Software and Affected Versions: IBM Concert Software versions 1.0.0 through 1.1.0 Description: The software contains hard-coded credentials, such as a password or cryptographic key, used for inbound authentication, outbound communication to external components, or encryptio...

PT-2025-33376 · Woocommerce · Primer Mydata For Woocommerce

Name of the Vulnerable Software and Affected Versions: Primer MyData for Woocommerce versions through 4.2.5 Description: The software contains a Reflected Cross-Site Scripting XSS issue due to improper neutralization of input during web page generation. Recommendations: Update Primer MyData for...

PT-2024-34999 · Unknown · Gutenium Blocks

Name of the Vulnerable Software and Affected Versions: Gutenium Blocks versions 1.1.5 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This means that an attacker can inject...

PT-2024-30382 · Woocommerce · Persian Woocommerce Sms

Name of the Vulnerable Software and Affected Versions: Persian WooCommerce versions 7.1.6 and earlier Description: The issue affects Persian WooCommerce due to a Missing Authorization vulnerability. This vulnerability allows accessing functionality not properly constrained by ACLs. Recommendation...

PT-2024-34244 · Unknown · Raptor Editor

Name of the Vulnerable Software and Affected Versions: Raptor Editor versions 1.0.20 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. It specifically affects the Raptor Editor, allowing for...

PT-2024-5962 · Adobe · Experience Manager

Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.20 and earlier Description: The issue is related to a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious...

PT-2024-23468 · Unknown · Awesome Support

Name of the Vulnerable Software and Affected Versions: Awesome Support versions 6.1.7 and earlier Description: The issue is related to a Missing Authorization vulnerability in Awesome Support Team Awesome Support. Recommendations: For versions 6.1.7 and earlier, update to a version later than 6.1...

PT-2024-26353 · Unknown · Academy Lms

Name of the Vulnerable Software and Affected Versions: Academy LMS versions 1.9.25 and earlier Description: The issue is related to the exposure of sensitive information to an unauthorized actor. Recommendations: For versions 1.9.25 and earlier, update to a version later than 1.9.25 to resolve th...

PT-2024-23783 · Unknown · Easy Digital Downloads

Name of the Vulnerable Software and Affected Versions: Easy Digital Downloads versions 3.2.11 and earlier Description: A Cross-Site Request Forgery CSRF issue has been identified. This allows an attacker to trick a user into performing unintended actions on a web application. Recommendations: For...

PT-2024-23435 · Thimpress · Thimpress Wp Hotel Booking

Name of the Vulnerable Software and Affected Versions: ThimPress WP Hotel Booking versions 2.0.9.2 and earlier Description: A Missing Authorization issue affects ThimPress WP Hotel Booking, allowing unauthorized access. Recommendations: For ThimPress WP Hotel Booking versions 2.0.9.2 and earlier,...

PT-2024-22748 · Unknown · Aam Advanced Access Manager

Name of the Vulnerable Software and Affected Versions: AAM Advanced Access Manager versions through 6.9.20 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. Recommendations: For versions...

PT-2023-31367 · WordPress · Wp Photo Album Plus

Name of the Vulnerable Software and Affected Versions: WP Photo Album Plus versions through 8.5.02.005 Description: The issue is related to an Authorization Bypass Through User-Controlled Key. This allows for unauthorized access. Recommendations: For WP Photo Album Plus versions through 8.5.02.00...

PT-2023-26396 · Unknown · Email Sender

Name of the Vulnerable Software and Affected Versions: Elastic Email Sender plugin versions 1.2.6 and earlier Description: The issue is related to an Authenticated Stored Cross-Site Scripting XSS vulnerability. This means that an attacker with admin+ privileges can inject malicious scripts into t...

PT-2023-1937 · Adobe · Illustrator

Name of the Vulnerable Software and Affected Versions: Adobe Illustrator versions 26.5.2 and earlier Adobe Illustrator versions 27.2.0 and earlier Description: The issue is related to a Use After Free vulnerability, which involves the use of memory after it has been freed. This could allow an...

PT-2022-24616 · Pagekit · Pagekit

Name of the Vulnerable Software and Affected Versions: pagekit version 1.0.18 Description: A file upload issue exists in the storage feature, allowing an attacker to upload malicious files. Recommendations: For pagekit version 1.0.18, update to a newer version that contains a fix for this issue...

PT-2022-11323 · Unknown · Todo-Regex

Name of the Vulnerable Software and Affected Versions: todo-regex version 0.1.1 Description: A Regular Expression Denial of Service ReDOS issue was found in the software when it matches crafted invalid TODO statements. This occurs because the regular expression used can be exploited to cause a...