42 matches found
CVE-2026-1307 Ninja Forms <= 3.14.1 - Authenticated (Contributor+) Sensitive Information Disclosure via Block Editor Token
The Ninja Forms - The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.14.1 via a callback function for the adminenqueuescripts action handler in blocks/bootstrap.php. This makes it possible for...
CVE-2026-24952
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting allows Stored XSS.This issue affects Seriously Simple Podcasting: from n/a through = 3.14.1...
CVE-2026-24952 WordPress Seriously Simple Podcasting plugin <= 3.14.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting allows Stored XSS.This issue affects Seriously Simple Podcasting: from n/a through = 3.14.1...
CVE-2026-24952
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting allows Stored XSS.This issue affects Seriously Simple Podcasting: from n/a through = 3.14.1...
CVE-2026-24952 WordPress Seriously Simple Podcasting plugin <= 3.14.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting allows Stored XSS.This issue affects Seriously Simple Podcasting: from n/a through = 3.14.1...
CVE-2026-24952
Summary: CVE-2026-24952 affects the WordPress plugin Seriously Simple Podcasting (≤ 3.14.1). The issue is stored Cross-Site Scripting caused by improper input handling during web page generation. Impact: CVSSv3.1 base score 6.5 (Medium); confidentiality, integrity, and availability are LOW. Root ...
PT-2026-6222
Name of the Vulnerable Software and Affected Versions Seriously Simple Podcasting versions through 3.14.1 Description The software contains a flaw related to improper input handling during web page creation, which allows for Stored Cross-site Scripting XSS. This means malicious scripts can be...
WordPress GiveWP - Donation Plugin and Fundraising Platform plugin <= 3.14.1 - Unauthenticated PHP Object Injection to Remote Code Execution vulnerability
WordPress GiveWP - Donation Plugin and Fundraising Platform plugin = 3.14.1 - Unauthenticated PHP Object Injection to Remote Code Execution vulnerability discovered by villu164 in WordPress Plugin GiveWP versions = 3.14.1...
CVE-2026-24360
Server-Side Request Forgery SSRF vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting allows Server Side Request Forgery.This issue affects Seriously Simple Podcasting: from n/a through = 3.14.1...
CVE-2026-24360 WordPress Seriously Simple Podcasting plugin <= 3.14.1 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery SSRF vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting allows Server Side Request Forgery.This issue affects Seriously Simple Podcasting: from n/a through = 3.14.1...
PT-2026-4255
Server-Side Request Forgery SSRF vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting allows Server Side Request Forgery.This issue affects Seriously Simple Podcasting: from n/a through = 3.14.1...
WordPress plugin Seriously Simple Podcasting has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. The WordPre...
WordPress Seriously Simple Podcasting plugin <= 3.14.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Seriously Simple Podcasting versions = 3.14.1...
Python DoS Vulnerability (Dec 2025) - Mac OS X
Python is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...
200-ok-boomer (>=2.0.0 <=2.1.0), 20190403-utils (=1.0.0) +6652 more potentially affected by CVE-2025-64718 via js-yaml (>=3.0.0 <=3.14.1)
js-yaml NPM version =3.0.0, =2.0.0, =1.0.0, =0.1.1, =0.1.0, =1.0.0, =0.2.39, =0.0.1, =1.0.2, =2.0.3, =0.0.327, =0.0.308, =1.0.29, =1.0.30 and more Source cves: CVE-2025-64718 Source advisory: SNYK:JS-JSYAML-13961110...
EUVD-2019-8855
Malware in sbrugna...
EUVD-2024-2849
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-25620
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. When either the Helm client or SDK is used to save a chart whose...
CVE-2023-24675
Cross Site Scripting Vulnerability in BluditCMS v.3.14.1 allows attackers to execute arbitrary code via the Categories Friendly URL...
PT-2024-39274 · Github · Github Enterprise Server
Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.14.1 GitHub Enterprise Server versions 3.13.4 and earlier GitHub Enterprise Server versions 3.12.9 and earlier GitHub Enterprise Server versions 3.11.15 and earlier GitHub Enterprise Server version...