CVE-2026-39535

Missing Authorization vulnerability in fullworks Display Eventbrite Events widget-for-eventbrite-api allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Display Eventbrite Events: from n/a through = 6.5.6...

CVE-2026-39535

CVE-2026-39535 concerns the WordPress plugin Display Eventbrite Events (plugin version

CVE-2025-61962

In fetchmail before 6.5.6, the SMTP client can crash when authenticating upon receiving a 334 status code in a malformed context...

CVE-2024-30526

Cross-Site Request Forgery CSRF vulnerability in Easy Social Feed.This issue affects Easy Social Feed: from n/a through 6.5.6...

0x-relayer-cat (>=0.0.2 <=0.0.10), 0xauth (>=0.0.2 <=0.0.6) +8123 more potentially affected by CVE-2024-42461 via elliptic (>=5.2.1 <=6.5.6)

elliptic NPM version =5.2.1, =0.0.2, =0.0.2, =1.0.6, =0.0.1-beta.1, =0.1.0, =0.0.92, =0.1.3, =4.2.1, =6.2.1, =13.6.1, =13.7.2 and more Source cves: CVE-2024-42461 Source advisory: OSV:GHSA-49Q7-C7J4-3P7M...

PT-2024-29954

Name of the Vulnerable Software and Affected Versions Elliptic package version 6.5.6 Description The issue concerns EDDSA signature malleability due to a missing signature length check, allowing zero-valued bytes to be removed or appended. This is a cryptographic weakness that can be exploited...

WordPress plugin CTX Feed 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin Consulting 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...

WordPress Plugin Easy Social Feed 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-30526

Cross-Site Request Forgery CSRF vulnerability in Easy Social Feed.This issue affects Easy Social Feed: from n/a through 6.5.6...

Qt 安全漏洞

Qt is a cross-platform C++ application development framework from the Norwegian company Qt. It is widely used to develop GUI programs, in which case it is also known as the widget toolkit. It can also be used to develop non-GUI programs, such as console tools and servers. A security vulnerability...

WordPress Consulting Theme 6.3.0 - 6.5.6 is vulnerable to Local File Inclusion

Software Consulting Type Theme Vulnerable versions 6.3.0 - 6.5.6 Fixed in 6.5.7 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2023-37385 Patch priority High CVSS severity High 7.3 Developer Claim ownership PSID dafa46bad8e4 Credits Dave Jong Patchstack Required privilege...

WordPress Google Analyticator Plugin < 6.5.6 Multiple PHP Object Injection Vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:sumo:googleanalyticator"; if description...

Guzzle 信息泄露漏洞

PHP is a scripting language that executes on the server side.Guzzle is a PHP HTTP client for the guzzlehttp individual developer that makes it easy to send HTTP requests and easily integrates with web services. An information disclosure vulnerability exists in Guzzle versions 6.5.6 and earlier,...

Lotus Domino IMAP Server < 6.5.6 / 7.0.2 FP1 CRAM-MD5 Authentication Overflow

Binary data 3958.prm...