CVE-2025-9346

The Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via settings in all versions up to, and including, 10.14.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level access and...

CVE-2025-9346 Booking Calendar <= 10.14.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via settings in all versions up to, and including, 10.14.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level access and...

CVE-2025-9346

The CVE-2025-9346 entry concerns the Booking Calendar WordPress plugin. Affected: Booking Calendar plugin for WordPress (all versions up to 10.14.1). Issue: Authenticated attackers with Administrator-level access+ can trigger Stored Cross-Site Scripting via plugin settings due to insufficient inp...

WordPress plugin Booking Calendar 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Booking Calendar plugin <= 10.14.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Cody Sixteen in WordPress Plugin Booking Calendar versions = 10.14.1...

Creation of Temporary File With Insecure Permissions

Overview Affected versions of this package are vulnerable to Creation of Temporary File With Insecure Permissions. A knowledgeable local user can locate temporary files created when a scheduled file is read. While they are in use, the user will be able to read the schedule being processed by MPXJ...

CVE-2022-41954

MPXJ is an open source library to read and write project plans from a variety of file formats and databases. On Unix-like operating systems not Windows or macos, MPXJ's use of File.createTempFile.. results in temporary files being created with the permissions -rw-r--r--. This means that any other...

PYSEC-2022-42996

MPXJ is an open source library to read and write project plans from a variety of file formats and databases. On Unix-like operating systems not Windows or macos, MPXJ's use of File.createTempFile.. results in temporary files being created with the permissions -rw-r--r--. This means that any other...

CVE-2018-4421

A memory initialization issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.1...

CVE-2018-4415

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.1...

Apple macOS Mojave Carbon Core Memory Corruption Vulnerability

Apple macOS Mojave is a specialized operating system developed by Apple for Mac computers.Carbon Core is one of the C-based components of the Macintosh operating system. A security vulnerability exists in the Carbon Core component of Apple macOS Mojave version 10.14.1. An attacker can exploit thi...

Security fix for the ALT Linux 10 package node version 10.14.1-alt1

Nov. 30, 2018 Vitaly Lipatov 10.14.1-alt1 - new version 10.14.1 with rpmrb script - disable internal doc - 2018-11-27, Version 10.14.0 'Dubnium' LTS, @rvagg - CVE-2018-12121, CVE-2018-12122, CVE-2018-12123...