WordPress Simple Link Directory plugin <= 8.8.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by daroo in WordPress Plugin Simple Link Directory versions = 8.8.3...

CVE-2025-67576

CVE-2025-67576 is linked to the Wordfence vulnerability listing for Simple Link Directory (plugin: Simple Link Directory) with a Missing Authorization issue affecting versions up to 8.8.3. The connected Wordfence document confirms this CVE entry and notes the vulnerability as a Missing Authorizat...

CVE-2025-67465 WordPress Simple Link Directory plugin <= 8.8.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in QuantumCloud Simple Link Directory simple-link-directory allows Cross Site Request Forgery.This issue affects Simple Link Directory: from n/a through = 8.8.3...

CVE-2025-67465

Technical details for CVE-2025-67465 (CSRF in Simple Link Directory plugin) are not provided in the connected documents. Initial description notes plugin versions

WordPress plugin Simple Link Directory 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

PT-2025-49950

Missing Authorization vulnerability in QuantumCloud Simple Link Directory simple-link-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Link Directory: from n/a through = 8.8.3...

Notepad++ DLL Hijacking Vulnerability (Oct 2025)

Notepad++ is prone to a DLL hijacking vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:notepad-plus-plus:notepad++"...

BIT-MONGOOSE-2024-53900

Mongoose before 8.8.3 can improperly use $where in match, leading to search injection...

CVE-2025-56383

Notepad++ v8.8.3 has a DLL hijacking vulnerability, which can replace the original DLL file to execute malicious code. NOTE: this is disputed by multiple parties because the behavior only occurs when a user installs the product into a directory tree that allows write access by arbitrary...

CVE-2025-56383

Notepad++ v8.8.3 has a DLL hijacking vulnerability, which can replace the original DLL file to execute malicious code. NOTE: this is disputed by multiple parties because the behavior only occurs when a user installs the product into a directory tree that allows write access by arbitrary...

CVE-2025-56383

Notepad++ DLL Hijacking (CVE-2025-56383) affects Notepad++ v8.8.3 and earlier. The vulnerability allows replacing a legitimate DLL (e.g., NppExport.dll) in the plugin directory with a malicious one, enabling arbitrary code execution with the user’s privileges. Exploitation is local and relies on ...

CVE-2024-53900

Mongoose before 8.8.3 can improperly use $where in match, leading to search injection...

CVE-2024-53900

Mongoose before 8.8.3 can improperly use $where in match, leading to search injection...

Pegasystem PEGA Platform Cross-Site Scripting Vulnerability

Pegasystem PEGA Platform is a suite of application development platforms from the US-based Pegasystem. The platform is used to develop applications such as BPM Business Process Management, Case Management, Real-Time Decision Making, and CRM Customer Relationship Management. A security vulnerabili...

PT-2023-3692 · Hitachi · Hitachi Device Manager +4

Name of the Vulnerable Software and Affected Versions: Hitachi Device Manager versions prior to 8.8.5-02 Hitachi Tiered Storage Manager versions prior to 8.8.5-02 Hitachi Replication Manager versions prior to 8.8.5-02 Hitachi Tuning Manager versions prior to 8.8.5-02 Hitachi Compute Systems Manag...

EUVD-2022-52154

The BackupBuddy WordPress plugin before 8.8.3 does not sanitise and escape some parameters before outputting them back in various places, leading to Reflected Cross-Site Scripting...

WordPress plugin BackupBuddy 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogging sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...

CVE-2020-12523

On Phoenix Contact mGuard Devices versions before 8.8.3 LAN ports get functional after reboot even if they are disabled in the device configuration. For mGuard devices with integrated switch on the LAN side, single switch ports can be disabled by device configuration. After a reboot these ports g...

Design/Logic Flaw

On Phoenix Contact mGuard Devices versions before 8.8.3 LAN ports get functional after reboot even if they are disabled in the device configuration. For mGuard devices with integrated switch on the LAN side, single switch ports can be disabled by device configuration. After a reboot these ports g...

CVE-2019-2878

Vulnerability in the Sun ZFS Storage Appliance Kit AK component of Oracle Sun Systems Products Suite subcomponent: HTTP data path subsystems. The supported version that is affected is 8.8.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromis...