WordPress MoreConvert Pro plugin <= 1.9.14 - Authentication Bypass vulnerability

Authentication Bypass vulnerability discovered by Nguyen Ngoc Duc duc193 in WordPress Plugin MoreConvert Pro versions = 1.9.14...

CVE-2025-62893

Authorization Bypass Through User-Controlled Key vulnerability in mediavine Create by Mediavine mediavine-create allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Create by Mediavine: from n/a through = 1.9.14...

EUVD-2025-36045

Authorization Bypass Through User-Controlled Key vulnerability in mediavine Create by Mediavine mediavine-create allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Create by Mediavine: from n/a through = 1.9.14...

CVE-2025-62893

...

EUVD-2025-13847

Malicious code in bioql PyPI...

CVE-2025-47470

Cross-Site Request Forgery CSRF vulnerability in senols GPT3 AI Content Writer gpt3-ai-content-generator allows Cross Site Request Forgery.This issue affects GPT3 AI Content Writer: from n/a through = 1.9.14...

CVE-2025-47470 WordPress GPT3 AI Content Writer plugin <= 1.9.14 - Cross Site Request Forgery (CSRF) to Prompt Generation vulnerability

Cross-Site Request Forgery CSRF vulnerability in senols GPT3 AI Content Writer allows Cross Site Request Forgery. This issue affects GPT3 AI Content Writer: from n/a through 1.9.14...

PT-2025-3242 · Tips Tricks Hq · Compact Wp Audio Player

Name of the Vulnerable Software and Affected Versions: Tips and Tricks HQ Compact WP Audio Player versions 1.9.14 and earlier Description: The issue is a Server-Side Request Forgery SSRF vulnerability that allows Server Side Request Forgery. This means an attacker can potentially trick the server...

WordPress Compact WP Audio Player plugin <= 1.9.14 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by theviper17 Patchstack Alliance in WordPress Plugin Compact WP Audio Player versions = 1.9.14...

WordPress Tumult Hype Animations plugin <= 1.9.14 - Missing Authorization vulnerability

Missing Authorization vulnerability discovered by Tieu Pham Trong Nhan in WordPress Plugin Tumult Hype Animations versions = 1.9.14...

PT-2022-16532 · Htmldoc +5 · Htmldoc +5

Name of the Vulnerable Software and Affected Versions: HTMLDOC version 1.9.14 Description: The issue is caused by an infinite loop in the gif read lzw function, which can lead to a pointer arbitrarily pointing to heap memory, resulting in a buffer overflow. Recommendations: For HTMLDOC version...

PT-2022-16801 · Hashicorp +2 · Ingress Gateway +4

Name of the Vulnerable Software and Affected Versions: HashiCorp Consul and Consul Enterprise versions 1.8.0 through 1.9.14 HashiCorp Consul and Consul Enterprise version 1.10.7 HashiCorp Consul and Consul Enterprise version 1.11.2 Description: The issue allows a user with service:write permissio...

Security Bulletin: IBM Aspera Shares 1.9.14 Patch Level 1 and earlier are vulnerable to DOM XSS

Summary DOM XSS on IBM Aspera Shares 1.9.14 Patch Level 1 and earlier could lead to HTML/JS injection and Account takeover. Vulnerability Details CVEID: CVE-2020-4731 DESCRIPTION: IBM Aspera Web Application is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary...

Security Bulletin: Aspera Web Application (Console, Shares) are affected by jQuery vulnerability (cross-site scripting)

Summary Aspera Web Application Console, Shares have the following jQuery vulnerability. Vulnerability Details Third Party Entry: 180875 DESCRIPTION: jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the HTML function. A remote attacker could...

IBM Aspera Shares Cross-Site Scripting Vulnerability

IBM Aspera Shares is a Web application that enables companies to share content in the form of files and directories of any size within the organization or with external customers and partners. A cross-site scripting vulnerability exists in IBM Aspera Shares 1.9.14 PL1. An attacker can exploit the...

CVE-2020-4731

IBM Aspera Web Application 1.9.14 PL1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188055...

CVE-2019-15840

The facebook-for-woocommerce plugin before 1.9.14 for WordPress has CSRF...

TestLink Cross-Site Request Forgery Vulnerability

Testlink is TestLink team developed a PHP-based open source test management tool . The tool provides test requirements management , test case management and test data statistics and other functions . TestLink version 1.9.14 cross-site request forgery vulnerability exists. Remote attackers can...

security flaw

Multiple heap-based buffer overflows in imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service application crash and execute arbitrary code via certain image files...

security flaw

Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service application crash and execute arbitrary code via certain image files...