JLSEC-2026-365

A potential memory leak issue was discovered in SDL2 in GLESCreateTexture function in SDLrendergles.c. The vulnerability allows an attacker to cause a denial of service attack. The vulnerability affects SDL2 v2.0.4 and above. SDL-1.x are not affected...

CVE-2025-66135 WordPress Imager for Elementor plugin <= 2.0.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in merkulove Imager for Elementor imager-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Imager for Elementor: from n/a through = 2.0.4...

CVE-2025-68578 WordPress Addonify plugin <= 2.0.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Addonify Addonify addonify-quick-view allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Addonify: from n/a through = 2.0.4...

CVE-2025-10176

The CVE-2025-10176 entry concerns The Hack Repair Guy's Plugin Archiver for WordPress, with ARBITRARY FILE DELETION in prepare_items across versions up to 2.0.4. The issue arises from insufficient file path validation, enabling authenticated users with Administrator-level access to delete arbitra...

PT-2025-37355

Name of the Vulnerable Software and Affected Versions: The Hack Repair Guy's Plugin Archiver plugin for WordPress versions up to and including 2.0.4 Description: The Plugin Archiver plugin for WordPress is susceptible to arbitrary file deletion due to inadequate file path validation within the...

CVE-2022-29358

epub2txt2 v2.04 was discovered to contain an integer overflow via the function bug in parsespecialtag at sxmlc.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted XML file...

CVE-2025-32120 WordPress Easy Query – WP Query Builder plugin <= 2.0.4 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in edanzer Easy Query – WP Query Builder easy-query allows Blind SQL Injection.This issue affects Easy Query – WP Query Builder: from n/a through = 2.0.4...

PT-2025-1784 · WordPress · Woocommerce Check Pincode/Zipcode For Shipping Plugin

Name of the Vulnerable Software and Affected Versions: Woocommerce check pincode/zipcode for shipping plugin for WordPress versions up to, and including, 2.0.4 Description: The issue is due to missing or incorrect nonce validation, making it possible for unauthenticated attackers to inject...

WordPress plugin Themify Audio Dock 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2024-27404 · Kodezen Limited · Academy Lms

Name of the Vulnerable Software and Affected Versions: Academy LMS versions 2.0.4 and earlier Description: The issue is related to a URL Redirection to Untrusted Site, also known as an 'Open Redirect' vulnerability, in Kodezen Limited Academy LMS. This vulnerability allows for redirection to...

UBUNTU-CVE-2022-4743

A potential memory leak issue was discovered in SDL2 in GLESCreateTexture function in SDLrendergles.c. The vulnerability allows an attacker to cause a denial of service attack. The vulnerability affects SDL2 v2.0.4 and above. SDL-1.x are not affected...

PYSEC-2021-380

Ops CLI version 2.0.4 and earlier is affected by a Deserialization of Untrusted Data vulnerability to achieve arbitrary code execution when the checkoutrepo function is called on a maliciously crafted file. An attacker can leverage this to execute arbitrary code on the victim machine...

PHP Scripts Mall hotel-booking-script Denial of Service Vulnerability

PHP Scripts Mall hotel-booking-script is a hotel booking system script by PHP Scripts Mall India, which includes features like advanced CMS management, review management and booking management. A denial of service vulnerability exists in PHP Scripts Mall hotel-booking-script version 2.0.4, which...

[Full-Disclosure] XSS in Board Power forum

Programm: Board Power forum v2.04 PF Autor: Ivan Zhdanov CRITICAL: Low Exploit: http://target/cgi-bin/boardpower/icq.cgi?action=scriptjavascript:alert 'hello';/script URL: http://www.thewebmasterforums.com ...... Maxpatrol - Professional Network Security Scanner www.maxpatrol.com. Full-Disclosure...