24 matches found
WordPress plugin Popup box cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A cross-site request...
EUVD-2018-6817
Malware in sbrugna...
EUVD-2019-3138
Malware in sbrugna...
EUVD-2025-6550
Malicious code in bioql PyPI...
WordPress Poll Maker plugin < 5.5.4 - Admin+ Stored XSS vulnerability
Admin+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin Poll Maker versions < 5.5.4...
WordPress plugin Poll Maker security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
WordPress Poll Maker plugin <= 5.5.4 - Cross-Site Request Forgery to Poll Duplication vulnerability
Cross-Site Request Forgery to Poll Duplication vulnerability discovered by Noah Stead (TurtleBurg) in WordPress Plugin Poll Maker versions <= 5.5.4...
PT-2024-26658 · Unknown · The Plus Addons For Elementor Page Builder
Name of the Vulnerable Software and Affected Versions: The Plus Addons for Elementor Page Builder Lite versions through 5.5.4. Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows for Stored XSS...
WordPress The Plus Addons for Elementor plugin <= 5.5.4 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting (XSS) vulnerability discovered by NGÔ THIÊN AN (Patchstack Alliance) in WordPress Plugin The Plus Addons for Elementor Page Builder Lite versions <= 5.5.4...
CVE-2024-5341
The The Plus Addons for Elementor Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'size' attribute of the Heading Title widget in all versions up to, and including, 5.5.4 due to insufficient input sanitization and output escaping on user supplied attributes...
PT-2024-35733 · WordPress · The Plus Addons For Elementor Page Builder
Name of the Vulnerable Software and Affected Versions: The Plus Addons for Elementor Page Builder plugin for WordPress versions up to, and including, 5.5.4. Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes, specifically the size...
RoboDK security vulnerability
RoboDK is a robot driver from RoboDK, Inc. A security vulnerability exists in RoboDK version v5.5.4, which stems from vulnerability to heap-based buffer overflows when working with specific project files, and the resulting memory corruption may crash the application...
CVE-2024-27304 pgx SQL Injection via Protocol Message Size Overflow
pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker's control. T...
Information disclosure
CrateDB is a distributed SQL database that makes it simple to store and analyze massive amounts of data in real-time. There is a COPY FROM function in the CrateDB database that is used to import file data into database tables. This function has a flaw, and authenticated attackers can use the COPY...
WordPress Ajax Load More plugin <= 5.5.3 - PHAR Deserialization via Cross-Site Request Forgery (CSRF) vulnerability
PHAR Deserialization via Cross-Site Request Forgery (CSRF) vulnerability discovered by Rasoul Jahanshahi in WordPress Ajax Load More plugin versions <= 5.5.3. Solution: Update the WordPress Ajax Load More plugin to the latest available version (at least 5.5.4)...
WordPress plugin Formidable Forms security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
CVE-2021-28133
Zoom through 5.5.4 sometimes allows attackers to read private information on a participant's screen, even though the participant never attempted to share the private part of their screen. When a user shares a specific application window via the Share Screen functionality, other meeting participan...
Security Bulletin: Cross Site Scripting security vulnerabilities in FileNet Content Manager
Summary: Cross Site Scripting security vulnerabilities in FileNet Content Manager in Administration Console for Content Platform Engine (ACCE). Vulnerability Details: CVEID: CVE-2020-4447 DESCRIPTION: IBM FileNet Content Manager is vulnerable to cross-site scripting. This vulnerability allows users to...
vBulletin < 5.5.5 URL Mishandling Vulnerability
vBulletin mishandles external URLs within the /core/vb/vurl.php file and the /core/vb/vurl directories. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
vBulletin 5.x < 5.5.4 Patch Level 2 Multiple Vulnerabilities
vBulletin is prone to multiple vulnerabilities. CPE = "cpe:/a:vbulletin:vbulletin"; ifdescripti...