CVE-2020-36912

Plexus anblick Digital Signage Management 3.1.13 suffers an open redirect in the PantallaLogin script, exploited by manipulating the pagina GET parameter due to improper input validation. This allows redirection to arbitrary websites; CVE-2020-36912 details network-based impact with high severity...

Plexus anblick 输入验证错误漏洞

Plexus anblick is a digital signage management software from Plexus USA. An input validation error vulnerability exists in Plexus anblick version 3.1.13, which stems from an open redirection vulnerability in the PantallaLogin script that could result in a user being redirected to an arbitrary...

CVE-2025-13401

The Autoptimize plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the LCP Image to preload metabox in all versions up to, and including, 3.1.13 due to insufficient input sanitization and output escaping on user-supplied image attributes in the "createimgpreloadtag" function...

CVE-2025-13401

CVE-2025-13401 : Autoptimize for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to 3.1.13 due to insufficient input sanitization and output escaping in create_img_preload_tag. Exploitation requires authenticated access at Contributor level or higher, allowing injection of s...

PT-2025-48810

The Autoptimize plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the LCP Image to preload metabox in all versions up to, and including, 3.1.13 due to insufficient input sanitization and output escaping on user-supplied image attributes in the "create img preload tag" function...

CVE-2025-59303

HAProxy Kubernetes Ingress Controller before 3.1.13, when the config-snippets feature flag is used, accepts config snippets from users with create/update permissions. This can result in obtaining an ingress token secret as a response. The fixed versions of HAProxy Enterprise Kubernetes Ingress...

EUVD-2024-16865

Malicious code in bioql PyPI...

EUVD-2023-1235

Malicious code in bioql PyPI...

EUVD-2023-1387

Malicious code in bioql PyPI...

EUVD-2023-1476

Malicious code in bioql PyPI...

EUVD-2023-1478

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-28961

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Spip Web Framework v3.1.13 and below was discovered to contain multiple SQL injection vulnerabilities at /ecrire via the liertrad and where parameters...

CVE-2023-2429

Improper Access Control in GitHub repository thorsten/phpmyfaq prior to 3.1.13...

CVE-2022-28961

Spip Web Framework v3.1.13 and below was discovered to contain multiple SQL injection vulnerabilities at /ecrire via the liertrad and where parameters...

WordPress CoBlocks plugin <= 3.1.13 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin CoBlocks versions = 3.1.13...

WordPress plugin CoBlocks 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-41344

A Cross-Site Request Forgery CSRF in Codeigniter 3.1.13 allows attackers to arbitrarily change the Administrator password and escalate privileges...

Cross site request forgery (csrf)

The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.13. This is due to missing or incorrect nonce validation on the optimizeAllOn function. This makes it possible for unauthenticated attackers to modif...

WordPress Plugin ImageRecycle pdf & image compression security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

WordPress Plugin ImageRecycle pdf & image compression security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...