CVE-2025-66526

Missing Authorization vulnerability in Essekia Tablesome tablesome allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tablesome: from n/a through = 1.1.34...

CVE-2025-66526

Missing Authorization vulnerability in Essekia Tablesome tablesome allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tablesome: from n/a through = 1.1.34...

CVE-2025-66526

CVE-2025-66526 describes a Missing Authorization vulnerability in the WordPress Tablesome plugin (Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent). Affected versions are up to 1.1.34. The underlying issue is broken access control: incorrectly configured authorization...

CVE-2025-66526 WordPress Tablesome plugin <= 1.1.34 - Broken Access Control vulnerability

Missing Authorization vulnerability in Essekia Tablesome tablesome allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tablesome: from n/a through = 1.1.34...

PT-2025-49874

Name of the Vulnerable Software and Affected Versions Essekia Tablesome versions through 1.1.34 Description An authorization issue exists in Essekia Tablesome, allowing exploitation due to incorrectly configured access control security levels. Recommendations Update Essekia Tablesome to a version...

WordPress Tablesome plugin <= 1.1.34 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Certus Cybersecurity in WordPress Plugin Tablesome versions = 1.1.34...

EUVD-2022-28561

Malicious code in bioql PyPI...

CVE-2024-34547

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Noor alam Magical Addons For Elementor allows Stored XSS.This issue affects Magical Addons For Elementor: from n/a through 1.1.34...

CVE-2024-34547

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Noor alam Magical Addons For Elementor allows Stored XSS.This issue affects Magical Addons For Elementor: from n/a through 1.1.34...

PT-2024-25961 · Unknown · Magical Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Magical Addons For Elementor versions 1.1.34 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacke...

WordPress plugin Magical Addons For Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress Magical Addons For Elementor Plugin <= 1.1.34 is vulnerable to Cross Site Scripting (XSS)

Software Magical Addons For Elementor Type Plugin Vulnerable versions = 1.1.34 Fixed in 1.1.35 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34547 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 74ccb66566e9 Credits Khalid Yusuf Required...

CVE-2023-39989

Cross-Site Request Forgery CSRF vulnerability in 99robots Header Footer Code Manager plugin = 1.1.34 versions...

PT-2023-27195 · WordPress · 99Robots Header Footer Code Manager

Name of the Vulnerable Software and Affected Versions: 99robots Header Footer Code Manager plugin versions 1.1.34 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing...

Spoofing

Silverware Games is a social network where people can play games online. Users can attach URLs to YouTube videos, the site will generate related when the post will be published. The handler has some sort of protection so non-YouTube links can't be posted, as well as HTML tags are being stripped...

CVE-2022-23543

CVE-2022-23543 concerns Silverware Games’ YouTube embedding feature, where an attacker could add custom HTML attributes (e.g., onclick) to generated iframes despite tag stripping, enabling HTML attribute-based XSS. Multiple connected sources confirm the issue and its remediation: the vulnerabilit...

CVE-2022-23543 HTML attributes when attaching a YouTube link to the post

Silverware Games is a social network where people can play games online. Users can attach URLs to YouTube videos, the site will generate related when the post will be published. The handler has some sort of protection so non-YouTube links can't be posted, as well as HTML tags are being stripped...

CVE-2022-23543 HTML attributes when attaching a YouTube link to the post

Silverware Games is a social network where people can play games online. Users can attach URLs to YouTube videos, the site will generate related when the post will be published. The handler has some sort of protection so non-YouTube links can't be posted, as well as HTML tags are being stripped...

CVE-2022-29824 affecting package libxslt for versions less than 1.1.34-7

CVE-2022-29824 affecting package libxslt for versions less than 1.1.34-7. A patched version of the package is available...

libxslt Type Confusion vulnerability that affects Nokogiri

In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data. Nokogiri prior to version 1.10.5 used a vulnerable...