97 matches found
WordPress plugin Eleganzo 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
EUVD-2026-15793
Deserialization of Untrusted Data vulnerability in ThemeREX Work & Travel Company work-travel-company allows Object Injection.This issue affects Work & Travel Company: from n/a through = 1.2...
CVE-2025-13778
Missing authentication for critical function vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1...
CVE-2025-13778 Device Reboot Control
Missing authentication for critical function vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1...
Winter vulnerable to privilege escalation by authenticated backend users
Impact Affected versions of Winter CMS allowed authenticated backend users to escalate their accounts level of access to the system by modifying the roles / permissions assigned to their account through specially crafted requests to the backend while logged in. To actively exploit this security...
WordPress plugin Justicia 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
WordPress plugin Progress 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
WordPress Sweet Jane theme <= 1.2 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Sweet Jane versions = 1.2...
WordPress Marra theme <= 1.2 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Marra versions = 1.2...
WordPress plugin eDS Responsive Menu 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
WordPress Plugin Login Page Editor Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
MiracleLinux 3 : dovecot-1.0.7-7.1.0.1.AXS3 (AXSA:2011-295:01)
The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2011-295:01 advisory. Dovecot is an IMAP server for Linux/UNIX-like systems, written with security primarily in mind. It also contains a small POP3 server. It supports mail in eith...
WordPress plugin Dreamer Blog 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
PT-2025-53752
Name of the Vulnerable Software and Affected Versions Mohammad I. Okfie IF AS Shortcode versions through 1.2 Description A code injection issue exists in Mohammad I. Okfie IF AS Shortcode. The flaw allows for code injection, potentially enabling attackers to execute malicious code. The affected...
WordPress IF AS Shortcode plugin <= 1.2 - Remote Code Execution (RCE) vulnerability
Remote Code Execution RCE vulnerability discovered by mcdruid in WordPress Plugin IF AS Shortcode versions = 1.2...
WordPress Accordion Slider PRO plugin <= 1.2 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Accordion Slider PRO versions = 1.2...
CVE-2025-11880
The SM CountDown Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's smcountdown shortcode in versions less than, or equal to, 1.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2025-60144
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in yonifre Lenix scss compiler lenix-scss-compiler allows Stored XSS.This issue affects Lenix scss compiler: from n/a through = 1.2...
PT-2025-39531
Name of the Vulnerable Software and Affected Versions Di Themes Demo Site Importer versions through 1.2 Description A Cross-Site Request Forgery issue exists in Di Themes Demo Site Importer. This allows attackers to perform actions on behalf of authenticated users. Recommendations Update to a...
Exploit for CVE-2025-34152
⚠️ CVE-2025-34152 – Shenzhen Aitemi M300 Wi-Fi Repeater RCE...