EUVD-2026-20041

The Investi plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'investi-announcements-accordion' shortcode's 'maximum-num-years' attribute in all versions up to, and including, 1.0.26. This is due to insufficient input sanitization and output escaping on user-supplied...

EUVD-2025-27445

Malicious code in bioql PyPI...

CVE-2025-39523

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in GoodBarber GoodBarber goodbarber.This issue affects GoodBarber: from n/a through = 1.0.26...

CVE-2025-39523 WordPress GoodBarber plugin <= 1.0.26 - Open Redirection Vulnerability

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in GoodBarber GoodBarber goodbarber.This issue affects GoodBarber: from n/a through = 1.0.26...

PT-2025-36758

Name of the Vulnerable Software and Affected Versions: GoodBarber versions n/a through 1.0.26 Description: The software contains a URL Redirection to Untrusted Site 'Open Redirect' issue. This allows an attacker to redirect users to a malicious website. Recommendations: Update GoodBarber to a...

WordPress GoodBarber plugin <= 1.0.26 - Open Redirection Vulnerability

Open Redirection Vulnerability discovered by Le Ngoc Anh in WordPress Plugin GoodBarber versions = 1.0.26...

WordPress PayGreen Payment Gateway plugin <= 1.0.26 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin PayGreen Payment Gateway versions = 1.0.26...

PrestaShop Security Breach

PrestaShop is an open source e-commerce solution from the American company PrestaShop. The solution provides multiple payment methods, short message alerts and product image zoom. PrestaShop Bulk Export products to Google Merchant - A security vulnerability exists in Google Shopping version 1.0.2...

WordPress Plugin Piotnet Forms Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2020-14101

The data collection SDK of the router web management interface caused the leakage of the token. This affects Xiaomi router AX1800rom version 1.0.336 and Xiaomi route RM1800 root version 1.0.26...

Fedora 7 : libpng10-1.0.26-1.fc7.1 (2007-0004)

The pnghandletRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x before 1.2.17 allows remote attackers to cause a denial of service application crash via a grayscale PNG image with a bad tRNS chunk CRC value. This update to libpng 1.0.26 resolves this problem. Note that Tenable Network...