CVE-2025-64208 WordPress Jannah - Extensions plugin <= 1.1.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TieLabs Jannah - Extensions jannah-extensions allows DOM-Based XSS.This issue affects Jannah - Extensions: from n/a through = 1.1.4...

PT-2025-44249

Name of the Vulnerable Software and Affected Versions TieLabs Jannah - Extensions versions through 1.1.4 Description The software contains a flaw related to improper input handling during web page generation, specifically a DOM-Based Cross-site Scripting issue. This allows for the execution of...

CVE-2025-62906

Missing Authorization vulnerability in epiphanyit321 Referral Link Tracker referral-link-tracker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Referral Link Tracker: from n/a through = 1.1.4...

EUVD-2025-36033

Missing Authorization vulnerability in epiphanyit321 Referral Link Tracker referral-link-tracker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Referral Link Tracker: from n/a through = 1.1.4...

CVE-2025-62906

Missing Authorization vulnerability in epiphanyit321 Referral Link Tracker referral-link-tracker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Referral Link Tracker: from n/a through = 1.1.4...

CVE-2025-62906

CVE-2025-62906 affects the WordPress Referral Link Tracker plugin (versions

CVE-2025-62906 WordPress Referral Link Tracker plugin <= 1.1.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in epiphanyit321 Referral Link Tracker referral-link-tracker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Referral Link Tracker: from n/a through = 1.1.4...

PT-2025-43784

Missing Authorization vulnerability in epiphanyit321 Referral Link Tracker referral-link-tracker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Referral Link Tracker: from n/a through = 1.1.4...

WordPress plugin Referral Link Tracker security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, with the ability to host personal blog sites on PHP and MySQL based servers.WordPress...

CVE-2025-49910 WordPress WPGuppy plugin <= 1.1.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in AmentoTech Private Limited WPGuppy wpguppy-lite allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPGuppy: from n/a through = 1.1.4...

DEBIAN-CVE-2025-61789

Icinga DB Web provides a graphical interface for Icinga monitoring. Before 1.1.4 and 1.2.3, an authorized user with access to Icinga DB Web, can use a custom variable in a filter that is either protected by icingadb/protect/variables or hidden by icingadb/denylist/variables, to guess values...

UBUNTU-CVE-2025-61789

Icinga DB Web provides a graphical interface for Icinga monitoring. Before 1.1.4 and 1.2.3, an authorized user with access to Icinga DB Web, can use a custom variable in a filter that is either protected by icingadb/protect/variables or hidden by icingadb/denylist/variables, to guess values...

CVE-2025-10849

The Felan Framework plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'processpluginactions' function called via an AJAX action in versions up to, and including, 1.1.4. This makes it possible for unauthenticated attackers to activate ...

EUVD-2025-34720

The Felan Framework plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'processpluginactions' function called via an AJAX action in versions up to, and including, 1.1.4. This makes it possible for unauthenticated attackers to activate ...

CVE-2025-10850 Felan Framework <= 1.1.4 - Hardcoded Credentials

The Felan Framework plugin for WordPress is vulnerable to improper authentication in versions up to, and including, 1.1.4. This is due to the hardcoded password in the 'fbajaxloginorregister' function and in the 'googleajaxloginorregister' function. This makes it possible for unauthenticated...

WordPress Felan Framework plugin <= 1.1.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Activation/Deactivation via process_plugin_actions vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Plugin Activation/Deactivation via processpluginactions vulnerability discovered by István Márton in WordPress Plugin Felan Framework versions = 1.1.4...

PT-2025-42499

Name of the Vulnerable Software and Affected Versions Icinga DB Web versions prior to 1.1.4 Icinga DB Web versions prior to 1.2.3 Description Icinga DB Web offers a graphical interface for Icinga monitoring. An authorized user with access to Icinga DB Web can utilize a custom variable within a...

Icinga DB Web 安全漏洞

Icinga DB Web is an Icinga open source graphical interface to the Icinga DB database. A security vulnerability exists in Icinga DB Web versions prior to 1.1.4 and prior to 1.2.3, which originates from an authorized user being able to guess the value of a protected or hidden variable via a custom...

EUVD-2018-15615

Malware in sbrugna...

EUVD-2005-4218

Malware in sbrugna...