7 matches found
CVE-2026-13489
The CVE-2026-13489 entry describes a vulnerability in 78 xiaozhi-esp32
CVE-2026-25344 WordPress Review Schema plugin <= 2.2.6 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in RadiusTheme Review Schema review-schema allows Retrieve Embedded Sensitive Data.This issue affects Review Schema: from n/a through = 2.2.6...
CVE-2026-27541
Incorrect Privilege Assignment vulnerability in Josh Kohlbach Wholesale Suite woocommerce-wholesale-prices allows Privilege Escalation.This issue affects Wholesale Suite: from n/a through = 2.2.6...
CVE-2025-58829 WordPress Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One plugin <= 2.3.3 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery SSRF vulnerability in aitool Ai Auto Tool Content Writing Assistant Gemini Writer, ChatGPT All in One ai-auto-tool allows Server Side Request Forgery.This issue affects Ai Auto Tool Content Writing Assistant Gemini Writer, ChatGPT All in One: from n/a through = 2.3.3...
CVE-2025-48958
CVE-2025-48958 affects Froxlor before version 2.2.6, where an HTML Injection vulnerability in the Customer Account Portal (email section) allows injected HTML via user input in the domain field. Adversaries can cause phishing-style redirects to external sites, enabling credential theft and reputa...
CVE-2023-39022
oscore v2.2.6 and below was discovered to contain a code injection vulnerability in the component com.opensymphony.util.EJBUtils.createStateless. This vulnerability is exploited via passing an unchecked argument...
GHSA-69JQ-QR7W-J7QH FlowiseAI Flowise arbitrary file upload vulnerability
FlowiseAI Flowise v2.2.6 was discovered to contain an arbitrary file upload vulnerability in /api/v1/attachments...