WordPress Job Portal < 2.0.6 - SQL Injection

The WP Job Portal WordPress plugin before 2.0.6 does not sanitise and escape the city parameter before using it in a SQL statement,leading to a SQL injection vulnerability that is exploitable by unauthenticated users. This vulnerability can be used to extractsensitive data from the database or...

WordPress JoomSport <5.2.8 - SQL Injection

WordPress JoomSport plugin before 5.2.8 contains a SQL injection vulnerability. The plugin does not properly sanitize and escape a parameter before using it in a SQL statement. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operation...

Responsive Pricing Table <= 5.1.12 - Cross-Site Scripting

The Responsive Pricing Table plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'planicons' parameter in all versions up to, and including, 5.1.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-lev...

CodiMD <2.5.4 - Insecure Filename Randomization

CodiMD does not require valid authentication to access uploaded images or to upload new image data. An attacker who can determine an uploaded image's URL can gain unauthorised access to uploaded image data. Due to the insecure random filename generation in the underlying Formidable library, an...

WP BASE Booking - Reflected XSS

WP BASE Booking of Appointments, Services and Events WordPress plugin 5.0.0 contains a reflected cross-site scripting caused by lack of sanitization and escaping of a parameter before output, letting attackers execute malicious scripts in high privilege users' browsers, exploit requires victim to...

MetInfo CMS <= 8.1 - Remote Code Execution

MetInfo CMS 7.9, 8.0, and 8.1 contain an unauthenticated PHP code injection vulnerability caused by insufficient input neutralization in the execution path, letting remote attackers execute arbitrary code remotely, exploit requires crafted requests. id: CVE-2026-29014 info: name: MetInfo CMS = 8....

WordPress Download Manager - File Password Exposure

The WordPress Download Manager plugin contains a vulnerability that allows attackers to obtain passwords for password-protected downloads by sending a specially crafted request to the validate-password API endpoint. id: CVE-2023-6421 info: name: WordPress Download Manager - File Password Exposure...

FoxCMS v.1.2.5 - Remote Code Execution

An issue in FoxCMS v.1.2.5 allows a remote attacker to execute arbitrary code via the case display page in the index.html component. id: CVE-2025-29306 info: name: FoxCMS v.1.2.5 - Remote Code Execution author: ritikchaddha severity: critical description: | An issue in FoxCMS v.1.2.5 allows a...

WordPress TS Poll < 2.4.0 - SQL Injection

WordPress TS Poll plugin 2.4.0 contains a SQL injection caused by lack of sanitization and escaping of a parameter before using it in a SQL statement, letting attackers perform SQL injection attacks, exploit requires admin privileges. id: CVE-2024-8625 info: name: WordPress TS Poll 2.4.0 - SQL...

FasterXML jackson-databind - Deserialization Remote Code Execution

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig aka ibatis-sqlmap. This vulnerability allows attackers to execute arbitrary code through deserialization of...

PublishPress Capabilities < 2.3.1 - Missing Authorization

The PublishPress Capabilities plugin for WordPress before 2.3.1 does not have proper authorization and CSRF checks when updating settings via the init hook, allowing unauthenticated attackers to update arbitrary blog options, such as setting the default role to administrator. id: CVE-2021-25032...

Spring Data REST < 2.6.9 (Ingalls SR9) / 3.0.1 (Kay SR1) - PATCH Request Remote Code Execution

Spring Data REST 2.6.9 and 3.0.1, Spring Boot 1.5.9 and 2.0 M6 contain a remote code execution caused by processing malicious PATCH requests with crafted JSON data, letting attackers execute arbitrary Java code, exploit requires sending malicious PATCH requests. id: CVE-2017-8046 info: name: Spri...

Flowise - Remote Code Execution

Flowise 3.0.5 contains a remote code execution vulnerability caused by unsafe evaluation of user input in the CustomMCP node's convertToValidJSONString function, letting remote attackers execute arbitrary code with full Node.js privileges, exploit requires user input to be processed by the...

SolarWinds Web Help Desk - Authentication Bypass

SolarWinds Web Help Desk contains an authentication bypass vulnerability caused by improper access control, letting attackers execute protected actions without authentication, exploit requires no special conditions. id: CVE-2025-40552 info: name: SolarWinds Web Help Desk - Authentication Bypass...

Adobe Commerce (Magento) - Remote Code Execution

Adobe Commerce versions 2.4.3-p1 and earlier and 2.3.7-p2 and earlier are affected by an improper input validation vulnerability during the checkout process. Exploitation of this issue does not require user interaction and could result in arbitrary code execution. id: CVE-2022-24086 info: name:...

Photon OS 5.0: Httpd PHSA-2026-5.0-0881

An update of the httpd package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0881. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Fedora 44 : gh (2026-f07b3548d4)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-f07b3548d4 advisory. Update to 2.94.0 ---- Update to 2.93.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

Fedora 44 : chezmoi (2026-905e9afc79)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-905e9afc79 advisory. Update to 2.70.5 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested f...

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2026-2424)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : xfrm: esp: avoid in-place decrypt on shared skb fragsCVE-2026-43284 Tenable has extracted the preceding description block directly from the EulerO...

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2026-2423)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : xfrm: esp: avoid in-place decrypt on shared skb fragsCVE-2026-43284 Tenable has extracted the preceding description block directly from the EulerO...