Eventum 3.3.4 Open Redirection

An open redirection vulnerability exists in Eventum Issue Tracker version 3.3.4. The vulnerability allows remote attackers to redirect users to arbitrary external websites. This issue is older research added to the archive...

AZL-76352 CVE-2026-24829 affecting package fltk 1.3.8-1

Out-of-bounds Write, Heap-based Buffer Overflow vulnerability in Is-Daouda is-Engine.This issue affects is-Engine: before 3.3.4...

CVE-2026-24829

Out-of-bounds Write, Heap-based Buffer Overflow vulnerability in Is-Daouda is-Engine.This issue affects is-Engine: before 3.3.4...

CVE-2026-24828

Missing Release of Memory after Effective Lifetime vulnerability in Is-Daouda is-Engine.This issue affects is-Engine: before 3.3.4...

EUVD-2026-4808

Out-of-bounds Write, Heap-based Buffer Overflow vulnerability in Is-Daouda is-Engine.This issue affects is-Engine: before 3.3.4...

::Engine security vulnerabilities

is::Engine is a game engine developed by Is Daouda personally. Versions of is::Engine prior to 3.3.4 contained security vulnerabilities, which stemmed from the issue of memory being retained after the effective lifetime of objects had ended...

CVE-2016-10987

The persian-woocommerce-sms plugin before 3.3.4 for WordPress has pssmsnumbers XSS...

WordPress ELEX WordPress HelpDesk & Customer Ticketing System plugin <= 3.3.4 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin ELEX WordPress HelpDesk & Customer Ticketing System versions = 3.3.4...

CVE-2025-9343

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to Stored Cross-Site Scripting via ticket subjects in all versions up to, and including, 3.3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attacker...

CVE-2025-9343

CVE-2025-9343 : Stored XSS in the ELEX WordPress HelpDesk & Customer Ticketing System plugin (

CVE-2025-9343 ELEX WordPress HelpDesk & Customer Ticketing System <= 3.3.4 - Unauthenticated Stored Cross-Site Scripting

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to Stored Cross-Site Scripting via ticket subjects in all versions up to, and including, 3.3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attacker...

EUVD-2025-203567

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Gal Dubinski Stars Testimonials stars-testimonials-with-slider-and-masonry-grid allows Stored XSS.This issue affects Stars Testimonials: from n/a through = 3.3.4...

CVE-2025-67912

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Premio Stars Testimonials stars-testimonials-with-slider-and-masonry-grid allows Stored XSS.This issue affects Stars Testimonials: from n/a through = 3.3.4...

CVE-2025-67912 WordPress Stars Testimonials plugin <= 3.3.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Premio Stars Testimonials stars-testimonials-with-slider-and-masonry-grid allows Stored XSS.This issue affects Stars Testimonials: from n/a through = 3.3.4...

CVE-2025-67912

CVE-2025-67912 is a stored XSS vulnerability in the WordPress plugin Stars Testimonials — Responsive Reviews & Star Ratings (slider and masonry grid) affecting versions up to and including 3.3.4 . The issue arises from improper input handling during web page generation, enabling attacker-supplied...

PT-2025-51431

Name of the Vulnerable Software and Affected Versions Gal Dubinski Stars Testimonials versions through 3.3.4 Description The software contains a flaw related to improper input handling during web page generation, which allows for Stored Cross-site Scripting XSS. This means that malicious scripts...

WordPress plugin Stars Testimonials 安全漏洞

WordPress and WordPress plugin are products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerability exis...

EUVD-2025-202628

A template injection vulnerability in the /vip/v1/file/save component of ChanCMS v3.3.4 allows attackers to execute arbitrary code via a crafted POST request...

CVE-2025-65602

A template injection vulnerability in the /vip/v1/file/save component of ChanCMS v3.3.4 allows attackers to execute arbitrary code via a crafted POST request...

ChanCMS 安全漏洞

ChanCMS is a content management system by yanyutao0402 individual developer in China. A security vulnerability exists in ChanCMS version 3.3.4, which originates from a template injection in the /vip/v1/file/save component, which may result in the execution of arbitrary code...