CVE-2025-14040

The Automotive Car Dealership Business WordPress Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Call to Action' custom fields in all versions up to, and including, 13.4. This is due to insufficient input sanitization and output escaping on user-supplied attributes in th...

EUVD-2025-208126

The Automotive Car Dealership Business WordPress Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Call to Action' custom fields in all versions up to, and including, 13.4. This is due to insufficient input sanitization and output escaping on user-supplied attributes in th...

CVE-2025-14040

CVE-2025-14040 : The Automotive Car Dealership WordPress Theme (WordPress theme) is vulnerable to a stored XSS via the action_text, action_button_text, action_link, and action_class fields in the Call to Action across all versions up to 13.4. Exploitation requires contributor-level authentication...

WordPress Automotive Car Dealership Business WordPress Theme plugin <= 13.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Call to Action Fields vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Call to Action Fields vulnerability discovered by Mateusz Gierblinski in WordPress Theme Automotive Car Dealership Business versions = 13.4...

CVE-2020-26413

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4 before 13.6.2. Information disclosure via GraphQL results in user email being unexpectedly visible...

CVE-2023-42958

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.4. An app may be able to gain elevated privileges...

ZEIT Next.js 环境问题漏洞

ZEIT Next.js is an open source web application framework from ZEIT based on Vue.js, Node.js, Webpack and Babel.js. An environmental issue vulnerability exists in ZEIT Next.js versions 13.4 through prior to 13.5.1 that stems from the presence of a response queue poisoning vulnerability...

Jetpack < 13.4 - Contributor+ Stored Cross-Site Scripting via wpvideo Shortcode

Description The plugin did not properly escape some of its shortcode attributes, allowing users with at least the contributor role to conduct Stored XSS attacks. PoC wpvideo OcobLTqC freedom=true preloadContent='"src=x onerror=alertdocument.cookie xss'...

Apple macOS Ventura Security Vulnerability

Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in Apple macOS Ventura version 13.4, which originates from parsing Office documents may result in unexpected application termination or arbitrary code execution...

Cross site scripting

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. org.xwiki.platform:xwiki-platform-web starting in version 3.1-milestone-1 and prior to 13.4-rc-1, org.xwiki.platform:xwiki-platform-web-templates prior to versions 14.10.2 and 15.5-rc-1, and...

Apple macOS Ventura Security Vulnerability

Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in Apple macOS Ventura version 13.4, which originates from an application that may be able to obtain root privileges...

Apple macOS Ventura 安全漏洞

Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in Apple macOS Ventura version 13.4, which stems from an application that may be able to read sensitive location information...

部分Apple产品 安全漏洞

Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in some Apple products, which stems from an application that may be able to modify protected portions of the file system. The following products and versions are affected: iOS...

Apple macOS Ventura 竞争条件问题漏洞

Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. Apple macOS Ventura version 13.4 suffers from a Competing Conditions Issue vulnerability that originates from an application that may be able to gain root privileges...

Apple macOS Ventura 安全漏洞

Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in Apple macOS Ventura version 13.4, which stems from the fact that applications may be able to break out of its sandbox...

Apple macOS Ventura 资源管理错误漏洞

Apple macOS Ventura is a desktop operating system from Apple, Inc. Apple macOS Ventura version 13.4 suffers from a resource management error vulnerability that originates from a remote attacker who may be able to cause an application to terminate unexpectedly or arbitrary code execution...

Apple macOS Ventura 安全漏洞

Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in Apple macOS Ventura version 13.4, which stems from the fact that applications may be able to break out of its sandbox...

Apple macOS Ventura 安全漏洞

Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in Apple macOS Ventura version 13.4, which stems from an application that may be able to modify protected portions of the file system...

Apple macOS Ventura 安全漏洞

Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in Apple macOS Ventura version 13.4, which stems from an application that may bypass Gatekeeper checks...

Security fix for the ALT Linux 10 package postgresql14 version 13.4-alt1

Aug. 11, 2021 Alexei Takaseev 13.4-alt1 - 13.4 Fixes CVE-2021-3677...