CVE-2026-25461

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in purethemes Listeo Core listeo-core allows Reflected XSS.This issue affects Listeo Core: from n/a through = 2.0.21...

EUVD-2026-15744

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in purethemes Listeo Core listeo-core allows Reflected XSS.This issue affects Listeo Core: from n/a through = 2.0.21...

CVE-2026-25461

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in purethemes Listeo Core listeo-core allows Reflected XSS.This issue affects Listeo Core: from n/a through = 2.0.21...

WordPress plugin Listeo Core 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

OPENSUSE-SU-2025:15074-1 libmosquitto1-2.0.21-2.1 on GA media

These are all security issues fixed in the libmosquitto1-2.0.21-2.1 package on the GA media of openSUSE Tumbleweed...

WordPress Market Exporter plugin <= 2.0.21 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Market Exporter versions = 2.0.21...

CVE-2024-52495

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in enituretechnology Distance Based Shipping Calculator distance-based-shipping-calculator allows SQL Injection.This issue affects Distance Based Shipping Calculator: from n/a through = 2.0.23...

PT-2024-37644 · Tradedoubler · The Grow By Tradedoubler

Name of the Vulnerable Software and Affected Versions: The Grow by Tradedoubler WordPress plugin versions 2.0.21 and earlier Description: The issue allows attackers to include and execute PHP files on the server via the component parameter, enabling the execution of any PHP code in those files...

CVE-2024-28122 JWX vulnerable to a denial of service attack using compressed JWE message

JWX is Go module implementing various JWx JWA/JWE/JWK/JWS/JWT, otherwise known as JOSE technologies. This vulnerability allows an attacker with a trusted public key to cause a Denial-of-Service DoS condition by crafting a malicious JSON Web Encryption JWE token with an exceptionally high...

PT-2024-2212

Name of the Vulnerable Software and Affected Versions jwx versions prior to 1.2.29 jwx versions prior to 2.0.21 Description This issue allows an attacker with a trusted public key to cause a Denial-of-Service DoS condition by crafting a malicious JSON Web Encryption JWE token with an exceptionall...

PT-2023-26703 · Froxlor · Froxlor

Name of the Vulnerable Software and Affected Versions: Froxlor version 2.0.21 Description: Our research team found a zeroday issue in Froxlor. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was...

Input validation

Improper Encoding or Escaping of Output in GitHub repository froxlor/froxlor prior to 2.0.21...

CVE-2023-3668 Improper Encoding or Escaping of Output in froxlor/froxlor

Improper Encoding or Escaping of Output in GitHub repository froxlor/froxlor prior to 2.0.21...

undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed

A vulnerability was found in Undertow web server before 2.0.21. An information exposure of plain text credentials through log files because Connectors.executeRootHandler:402 logs the HttpServerExchange object at ERROR level using UndertowLogger.REQUESTLOGGER.undertowRequestFailedt, exchange...

Namazu: Multiple vulnerabilities

Background Namazu is a full-text search engine intended for easy use. Description Multiple vulnerabilities have been discovered in Namazu. Please review the CVE identifiers referenced below for details. Impact A remote attacker could execute arbitrary code or cause a Denial of Service condition...

Fedora 16 : php-symfony2-HttpKernel-2.0.21-1.fc16 (2012-21069)

Updated to upstream version 2.0.21. See : - http://symfony.com/blog/security-release-symfony-2-0-20- and-2-1-5-released - http://symfony.com/blog/symfony-2-0-21-and-2-1-5-relea sed Changelogs : - 2.0.20 2.0.21: https://github.com/symfony/symfony/compare/v2.0.20...v2. 0.21 - 2.0.19 2.0.20:...

Cryptocat 2.0.21 Chrome Extension - imgkeygen.gif File Information Disclosure

Cryptocat 2.0.21 Chrome Extension - imgkeygen.gif File Information Disclosure source: https://www.securityfocus.com/bid/61090/info Cryptocat is prone to an information disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further...

Cryptocat 2.0.21 Chrome Extension - &#039;img/keygen.gif&#039; File Information Disclosure

source: https://www.securityfocus.com/bid/61090/info Cryptocat is prone to an information disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. Cryptocat 2.0.21 is vulnerable; other versions may also be affected...

gd: additional overflows

Multiple buffer overflows in the gd graphics library libgd 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function, a different set of vulnerabilities than CVE-2004-0990...