CVE-2026-3327

Authenticated Iframe Injection in Dato CMS Web Previews plugin. This vulnerability permits a malicious authenticated user to circumvent the restriction enforced on the configured frontend URL, enabling the loading of arbitrary external resources or origins. This issue affects Web Previews v1.0.31...

DatoCMS 安全漏洞

DatoCMS is an open-source content management system developed by DatoCMS. Versions of DatoCMS prior to v1.0.31 contained security vulnerabilities. These vulnerabilities were caused by iframe injection during authentication processes, which could lead to the loading of arbitrary external resources...

[SECURITY] [DLA DLA-4287-1] libsndfile security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4287-1 [email protected] https://www.debian.org/lts/security/ Paride Legovini August 31, 2025 https://wiki.debian.org/LTS -...

WordPress plugin Simple Page Access Restriction 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

CVE-2024-33688

Cross-Site Request Forgery CSRF vulnerability in Extend Themes Teluro.This issue affects Teluro: from n/a through 1.0.31...

CVE-2024-33688

Cross-Site Request Forgery CSRF vulnerability in Extend Themes Teluro.This issue affects Teluro: from n/a through 1.0.31...

WordPress Teluro theme <= 1.0.31 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme Teluro versions = 1.0.31...

WordPress theme Teluro 跨站请求伪造漏洞

WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports personal blogs on PHP and MySQL servers.WordPress theme is a theme for WordPress. A cross-site request forgery vulnerability exists in WordPress theme Teluro version 1.0.31 and earlier versions. A...

AZL-28506 CVE-2022-33064 affecting package libsndfile 1.0.31-4

An off-by-one error in function wavreadheader in src/wav.c in Libsndfile 1.1.0, results in a write out of bound, which allows an attacker to execute arbitrary code, Denial of Service or other unspecified impacts...

CVE-2021-4295 ONC code-validator-api XML CodeValidatorApiConfiguration.java vocabularyValidationConfigurations xml external entity reference

A vulnerability classified as problematic was found in ONC code-validator-api up to 1.0.30. This vulnerability affects the function vocabularyValidationConfigurations of the file src/main/java/org/sitenv/vocabularies/configuration/CodeValidatorApiConfiguration.java of the component XML Handler. T...

CVE-2018-0627

Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via targetAPSsid parameter...