WordPress Simple WP Events plugin <= 1.8.17 - Unauthenticated Arbitrary File Deletion vulnerability

Unauthenticated Arbitrary File Deletion vulnerability discovered by khanhhnahk1 - VNPT Cyber Immunity in WordPress Plugin Simple WP Events versions = 1.8.17...

PT-2025-17130 · Wpminds · Wpminds Simple Wp Events

Name of the Vulnerable Software and Affected Versions: WPMinds Simple WP Events versions 1.8.17 and earlier Description: The issue allows the retrieval of embedded sensitive data due to the insertion of sensitive information into sent data. Recommendations: For versions 1.8.17 and earlier, update...

CVE-2025-32193 WordPress Simple WP Events plugin <= 1.8.17 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPMinds Simple WP Events simple-wp-events allows Stored XSS.This issue affects Simple WP Events: from n/a through = 1.8.17...

CVE-2025-32193

CVE-2025-32193 concerns the WordPress plug-in Simple WP Events (vulnerable up to and including 1.8.17). The issue is an stored Cross-Site Scripting (XSS) vulnerability described as an improper neutralization of input during web page generation . The CVE metadata shows a CVSS 3.1 base score of 6.5...

WordPress plugin Simple WP Events 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-14975 · Wpminds · Wpminds Simple Wp Events

Name of the Vulnerable Software and Affected Versions: WPMinds Simple WP Events versions 1.8.17 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting', which allows Stored XSS. This means that an attacker...

CVE-2024-34596

Improper authentication in SmartThings prior to version 1.8.17 allows remote attackers to bypass the expiration date for members set by the owner...

PT-2024-26011 · Samsung · Smartthings

Name of the Vulnerable Software and Affected Versions: SmartThings versions prior to 1.8.17 Description: The issue concerns improper authentication, allowing remote attackers to bypass the expiration date for members set by the owner. Recommendations: For versions prior to 1.8.17, update to versi...

SAMSUNG Mobile devices Authorization Issues Vulnerability

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. An authorization issue vulnerability exists in SAMSUNG Mobile devices prior to version 1.8.17, which stems from an improper authentication issue in...

Security fix for the ALT Linux 9 package thunar version 1.8.17-alt1

1.8.17-alt1 built May 17, 2021 Mikhail Efremov in task 271820 --- May 14, 2021 Mikhail Efremov - Updated to 1.8.17 fixes: CVE-2021-32563...

Security update for haproxy (important)

openSUSE Security Update: Security update for haproxy Announcement ID: openSUSE-SU-2019:0166-1 Rating: important References: 1121283 Cross-References: CVE-2018-20615 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for haproxy...

haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash

A flaw was found in HAProxy, versions before 1.8.17 and 1.9.1. Mishandling occurs when a priority flag is set on too short HEADERS frame in the HTTP/2 decoder, allowing an out-of-bounds read and a subsequent crash to occur. A remote attacker can exploit this flaw to cause a denial of service. Tho...

Go Ethereum Denial of Service Vulnerability

Go Ethereum aka geth is an open source implementation of the Ether protocol written in the Go language. A security vulnerability exists in the cmd/evm/runner.go file in Go Ethereum version 1.8.17. An attacker can exploit the vulnerability with the help of specially crafted bytecode to cause a...

MyBB Cross-Site Scripting Vulnerability (CNVD-2018-17203)

MyBB aka MyBulletinBoard is a free and web-based forum software developed by MyBB team using PHP and MySQL. The software is characterized by its simplicity, multi-language support and extensibility. A cross-site scripting vulnerability exists in the inc/classfeedgeneration.php file in MyBB versio...