CVE-2025-63000 WordPress Sermon Manager plugin <= 2.30.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpforchurch Sermon Manager sermon-manager-for-wordpress allows Stored XSS.This issue affects Sermon Manager: from n/a through = 2.30.0...

CVE-2025-63002

Missing Authorization vulnerability in wpforchurch Sermon Manager sermon-manager-for-wordpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sermon Manager: from n/a through = 2.30.0...

CVE-2025-63002

Missing Authorization vulnerability in wpforchurch Sermon Manager sermon-manager-for-wordpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sermon Manager: from n/a through = 2.30.0...

CVE-2025-63002 WordPress Sermon Manager plugin <= 2.30.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in wpforchurch Sermon Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sermon Manager: from n/a through 2.30.0...

CVE-2025-12368

The Sermon Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the sermon-views shortcode in all versions up to, and including, 2.30.0. This is due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for authenticate...

WordPress Sermon Manager plugin <= 2.30.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Sermon Manager versions = 2.30.0...

CVE-2025-53819 Nix's privilege dropping to build user broke for macOS

Nix is a package manager for Linux and other Unix systems. Builds with Nix 2.30.0 on macOS were executed with elevated privileges root, instead of the build users. The fix was applied to Nix 2.30.1. No known workarounds are available...

Nix 安全漏洞

Nix is a powerful package manager from the Nix open source. It is used for making packages. A security vulnerability exists in Nix version 2.30.0 that stems from the use of elevated privileges when building on macOS...

webkitgtk: use-after-free may lead to arbitrary code execution

A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a use-after-free vulnerability which can lead to remote code execution. An attacker can get a user to visit a webpage to trigger this vulnerability...