CVE-2026-7725

A vulnerability was found in PrefectHQ prefect up to 3.6.25.dev6. Affected by this issue is some unknown functionality of the file src/prefect/runner/storage.py of the component GitRepository Pull Handler. The manipulation of the argument commitsha/directories results in argument injection. It is...

GHSA-6RCX-55R6-JX65 Prefect Git Argument Injection in GitRepository Pull Steps

A vulnerability was found in PrefectHQ prefect up to 3.6.25.dev6. Affected by this issue is some unknown functionality of the file src/prefect/runner/storage.py of the component GitRepository Pull Handler. The manipulation of the argument commitsha/directories results in argument injection. It is...

EUVD-2026-26880

A vulnerability was found in PrefectHQ prefect up to 3.6.25.dev6. Affected by this issue is some unknown functionality of the file src/prefect/runner/storage.py of the component GitRepository Pull Handler. The manipulation of the argument commitsha/directories results in argument injection. It is...

Prefect 注入漏洞

Prefect is a workflow orchestration tool developed by Prefect OpenSource. It enables developers to build, monitor data pipelines, and respond to changes in those pipelines. Prefect versions 3.6.25.dev6 and earlier have a vulnerability due to an unknown feature in the GitRepository Pull Handler...

CVE-2026-23548

Missing Authorization vulnerability in Designinvento DirectoryPress directorypress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DirectoryPress: from n/a through = 3.6.25...

CVE-2026-23548

Missing Authorization vulnerability in Designinvento DirectoryPress directorypress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DirectoryPress: from n/a through = 3.6.25...

CVE-2026-23548 WordPress DirectoryPress plugin <= 3.6.25 - Broken Access Control vulnerability

Missing Authorization vulnerability in Designinvento DirectoryPress directorypress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DirectoryPress: from n/a through = 3.6.25...

PT-2026-20665

Missing Authorization vulnerability in designinvento DirectoryPress directorypress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DirectoryPress: from n/a through = 3.6.25...

EUVD-2025-35978

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in designinvento DirectoryPress directorypress allows DOM-Based XSS.This issue affects DirectoryPress: from n/a through = 3.6.25...

CVE-2025-62967

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Designinvento DirectoryPress directorypress allows DOM-Based XSS.This issue affects DirectoryPress: from n/a through = 3.6.25...

CVE-2025-62967

CVE-2025-62967 — WordPress Plugin DirectoryPress (

PT-2025-43839

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in designinvento DirectoryPress directorypress allows DOM-Based XSS.This issue affects DirectoryPress: from n/a through = 3.6.25...

WordPress DirectoryPress plugin <= 3.6.25 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin DirectoryPress versions = 3.6.25...

EUVD-2023-42210

Malicious code in bioql PyPI...

CVE-2023-37979

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Saturday Drive Ninja Forms Contact Form plugin = 3.6.25 versions...

CVE-2023-38386

Missing Authorization vulnerability in Saturday Drive Ninja Forms.This issue affects Ninja Forms: from n/a through 3.6.25...

WordPress plugin Ninja Forms security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin Ninja Forms security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2023-26395 · Saturday Drive · Ninja Forms

Name of the Vulnerable Software and Affected Versions: Ninja Forms versions 3.6.25 and earlier Description: The issue is related to a Missing Authorization vulnerability in Saturday Drive Ninja Forms. Recommendations: For versions 3.6.25 and earlier, update to a version later than 3.6.25 to resol...

PT-2023-26402

Name of the Vulnerable Software and Affected Versions Ninja Forms versions 3.6.25 and earlier Description The issue is related to a Missing Authorization vulnerability in Saturday Drive Ninja Forms. Recommendations For versions 3.6.25 and earlier, update to a version later than 3.6.25 to resolve...