14 matches found
PT-2025-35925
Name of the Vulnerable Software and Affected Versions: appRain CMF version 4.0.5
Description: A stored authenticated cross-site scripting (XSS) issue exists due to insufficient validation of user-supplied input. The vulnerability is present in the /apprain/developer/addons/update/cycle endpoint,...
PT-2025-4608 · Unknown · FM Notification Bar
Name of the Vulnerable Software and Affected Versions: FM Notification Bar versions 1.0.2 and earlier
Description: The issue is related to improper neutralization of input during web page generation, which allows for stored cross-site scripting (XSS). This means that an attacker can inject maliciou...
PT-2025-4658 · Data443 · Data443 Posts Footer Manager
Name of the Vulnerable Software and Affected Versions: Data443 Posts Footer Manager versions n/a through 2.1.0
Description: The issue is related to improper neutralization of input during web page generation, which allows stored cross-site scripting (XSS). This means that an attacker can inject...
PT-2024-11975 · Unknown · Survey Maker
Name of the Vulnerable Software and Affected Versions: Survey Maker versions through 3.2.0
Description: The issue is related to missing authorization in Survey Maker, allowing exploitation of incorrectly configured access control security levels.
Recommendations: For versions through 3.2.0, updat...
PT-2024-35863 · Unknown · CultBooking Hotel Booking Engine
Name of the Vulnerable Software and Affected Versions: CultBooking Hotel Booking Engine versions n/a through 2.1
Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability that allows Stored XSS in the CultBooking Hotel Booking Engine. This means an attacker can perform unauthorize...
PT-2024-33649 · Unknown · Robo Gallery
Name of the Vulnerable Software and Affected Versions: Robo Gallery versions 3.2.21 and earlier
Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows for Stored XSS attacks.
Recommendations: For versio...
PT-2024-27596 · WordPress · WP Directory Kit
Name of the Vulnerable Software and Affected Versions: WP Directory Kit versions 1.3.5 and earlier
Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows for Reflected XSS.
Recommendations: For WP...
PT-2024-37349
Name of the Vulnerable Software and Affected Versions: Devolutions Remote Desktop Manager versions 2024.1.32.0 and earlier
Description: The issue concerns the improper removal of sensitive information in the data source export feature, allowing an attacker who obtains the exported settings to...
PT-2024-25343 · Vitepos · Vitepos
Name of the Vulnerable Software and Affected Versions: Vitepos versions 3.0.1 and earlier
Description: A Missing Authorization issue affects the software, allowing potential unauthorized access. The estimated number of potentially affected devices worldwide is not specified. There is no informati...
PT-2024-23381 · Unknown · PluginOps Landing Page Builder
Name of the Vulnerable Software and Affected Versions: PluginOps Landing Page Builder versions 1.5.1.7 and earlier
Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an...
PT-2024-20502 · WP-CFM · WP-CFM
Name of the Vulnerable Software and Affected Versions: WP-CFM versions 1.7.8 and earlier
Description: A Cross-Site Request Forgery (CSRF) issue affects the Forum One WP-CFM wp-cfm, allowing unauthorized actions to be performed on behalf of a user without their knowledge or consent.
Recommendations:...
PT-2023-16262 · WordPress · MS-Reviews
Name of the Vulnerable Software and Affected Versions: MS-Reviews WordPress plugin versions 1.5 and earlier
Description: The issue allows authenticated users, such as Subscribers, to perform Stored Cross-Site Scripting attacks due to the lack of sanitization and escaping of reviews...
PT-2023-18411 · Unknown · OpenHarmony
Name of the Vulnerable Software and Affected Versions: OpenHarmony versions prior to 3.1.5
Description: The kernel subsystem hmdfs has an arbitrary memory accessing issue, allowing network attackers to launch a remote attack and obtain kernel memory data of the target system.
Recommendations: For...
PT-2017-17306 · Cisco · IOS XE +6
Name of the Vulnerable Software and Affected Versions:
Cisco IOS versions 12.0 through 15.6
Adaptive Security Appliance (ASA) Software versions 7.0.1 through 9.7.1.2
NX-OS versions 4.0 through 12.0
IOS XE versions 3.6 through 3.18
Description: A vulnerability involving the Open Shortest Path First...