EUVD-2025-208997

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in G5Theme Zorka zorka allows Reflected XSS.This issue affects Zorka: from n/a through = 1.5.7...

WordPress plugin Community Events 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-4382

Name of the Vulnerable Software and Affected Versions uPress Booter versions through 1.5.7 Description An authorization issue exists in uPress Booter’s booter-bots-crawlers-manager component. This allows exploitation due to incorrectly configured access control security levels. Recommendations...

WordPress plugin DASHBOARD BUILDER – WordPress plugin for Charts and Graphs 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugin...

EUVD-2025-31240

Malicious code in bioql PyPI...

WordPress Frames Theme <= 1.5.7 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Frames versions = 1.5.7...

WordPress Gutenify Plugin <= 1.5.7 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by LVT-tholv2k in WordPress Plugin Gutenify versions = 1.5.7...

WordPress plugin VoucherPress 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

Linux Distros Unpatched Vulnerability : CVE-2024-42008

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Cross-Site Scripting vulnerability in rcmailactionmailget-run in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send...

PT-2024-33399 · WordPress · Wordpress Gallery Plugin

Name of the Vulnerable Software and Affected Versions: Limb WordPress Gallery Plugin – Limb Image Gallery versions 1.5.7 and earlier Description: The issue is related to an Unrestricted Upload of File with Dangerous Type, allowing Code Injection in the Limb Image Gallery Plugin. This enables...

WordPress Limb Gallery plugin <= 1.5.7 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin WordPress Gallery Plugin – Limb Image Gallery versions = 1.5.7...

WordPress Limb Gallery plugin <= 1.5.7 - Arbitrary File Download vulnerability

Arbitrary File Download vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin WordPress Gallery Plugin – Limb Image Gallery versions = 1.5.7...

CVE-2024-44033

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in NicheAddons Primary Addon for Elementor allows Stored XSS.This issue affects Primary Addon for Elementor: from n/a through 1.5.7...

CVE-2020-3483

Duo has identified and fixed an issue with the Duo Network Gateway DNG product in which some customer-provided SSL certificates and private keys were not excluded from logging. This issue resulted in certificate and private key information being written out in plain-text to local files on the DNG...