8 matches found
Astra Linux – Vulnerability in cups
Due to a failure in validating the length provided by a PPD PostScript document crafted by an attacker, CUPS and libppd are vulnerable to a heap-based buffer overflow, potentially leading to code execution. This issue has been fixed in CUPS version 2.4.7, released in September 2023...
CVE-2025-66036 Retro is vulnerable to XSS vulnerability in input handling component
Retro is an online platform providing items of vintage collections. Prior to version 2.4.7, Retro is vulnerable to a cross-site scripting XSS in the input handling component. This issue has been patched in version 2.4.7...
PT-2025-48354
Name of the Vulnerable Software and Affected Versions Retro versions prior to 2.4.7 Description Retro, an online platform for vintage collections, has a cross-site scripting XSS issue in the input handling component. This allows for potential malicious code execution through crafted input...
CVE-2025-12064
The WP2Social Auto Publish plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via PostMessage in all versions up to, and including, 2.4.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...
WordPress WP Multi Store Locator Plugin <= 2.4.7 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Abdi Pranata in WordPress Plugin WP Multistore Locator versions = 2.4.7...
WordPress AI ENGINE plugin <= 2.4.7 - Server Side Request Forgery (SSRF) vulnerability
Server Side Request Forgery SSRF vulnerability discovered by Yuchen Ji Patchstack Alliance in WordPress Plugin AI Engine versions = 2.4.7...
WordPress plugin WP Prayer II security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
CVE-2020-12377
Insufficient input validation in the BMC firmware for some IntelR Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access...