14 matches found
EUVD-2025-24788
Malicious code in bioql PyPI...
CVE-2025-52730
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themefunction WordPress Event Manager, Event Calendar and Booking Plugin eventin-pro allows Stored XSS.This issue affects WordPress Event Manager, Event Calendar and Booking Plugin: from n/a throug...
CVE-2025-52731
Missing Authorization vulnerability in themefunction WordPress Event Manager, Event Calendar and Booking Plugin eventin-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Event Manager, Event Calendar and Booking Plugin: from n/a through =...
CVE-2025-52731 WordPress WordPress Event Manager, Event Calendar and Booking Plugin Plugin <= 4.0.24 - Arbitrary Content Deletion Vulnerability
Missing Authorization vulnerability in themefunction WordPress Event Manager, Event Calendar and Booking Plugin eventin-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Event Manager, Event Calendar and Booking Plugin: from n/a through =...
CVE-2025-52730 WordPress WordPress Event Manager, Event Calendar and Booking Plugin Plugin <= 4.0.24 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themefunction WordPress Event Manager, Event Calendar and Booking Plugin eventin-pro allows Stored XSS.This issue affects WordPress Event Manager, Event Calendar and Booking Plugin: from n/a throug...
WordPress plugin WordPress Event Manager, Event Calendar and Booking Plugin 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...
PT-2025-33211 · WordPress · Events Manager
Name of the Vulnerable Software and Affected Versions: Event Manager, Event Calendar and Booking Plugin for WordPress versions not specified through 4.0.24 Description: A missing authorization flaw exists in the theme function of the WordPress Event Manager, Event Calendar and Booking Plugin. Thi...
WordPress plugin Eventin 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...
Hashicorp vagrant-vmware-fusion 4.0.24 - Local Privilege Escalation
Hashicorp vagrant-vmware-fusion 4.0.24 - Local Privilege Escalation I have previously disclosed a couple of bugs in Hashicorp's vagrant-vmware-fusion plugin for vagrant. Unfortunately the 4.0.23 release which was supposed to fix the previous bug I reported didn't address the issue, so Hashicorp...
HashiCorp Vagrant VMware Fusion Plugin Local Root Vulnerability
HashiCorp Vagrant VMware Fusion plugin is a tool for building and managing virtual machine environments on VMware virtual machines developed by HashiCorp, USA. A security vulnerability exists in the insecure suid wrapper binary in HashiCorp Vagrant VMware Fusion plugin version 4.0.24 and earlier...
MySQL < 3.23.50 / 4.0.24 / 4.1.6 / 5.0.3 Insecure Temporary File Creation
The version of MySQL installed on the remote host is older than 3.23.50, 4.0.24, 4.1.6 or 5.0.3. As such, the mysqlaccess script included with it reportedly could be used to read or overwrite arbitrary files via a symlink attack. C Tenable Network Security, Inc. include"compat.inc"; if descriptio...
Gentoo Security Advisory GLSA 200503-19 (mysql)
The remote host is missing updates announced in advisory GLSA 200503-19. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian Security Advisory DSA 707-1 (mysql)
The remote host is missing an update to mysql announced via advisory DSA 707-1. OpenVAS Vulnerability Test $Id: deb7071.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 707-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
[SECURITY] [DSA 707-1] New mysql packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 707-1 [email protected] http://www.debian.org/security/ Martin Schulze April 13th, 2005 http://www.debian.org/security/faq -...