WordPress Modal Popup Box plugin <= 1.6.1 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Modal Popup Box versions = 1.6.1...

WordPress Educare plugin <= 1.6.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by hhhai in WordPress Plugin Educare versions = 1.6.1...

CVE-2025-64432

KubeVirt is a virtual machine management add-on for Kubernetes. Versions 1.5.3 and below, and 1.6.0 contained a flawed implementation of the Kubernetes aggregation layer's authentication flow which could enable bypass of RBAC controls. It was discovered that the virt-api component fails to...

WordPress Barcode Scanner and Inventory manager plugin <= 1.6.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by justakazh Patchstack Alliance in WordPress Plugin Barcode Scanner with Inventory & Order Manager versions = 1.6.1...

PT-2024-24998 · Unknown · Max Addons Pro For Bricks

Name of the Vulnerable Software and Affected Versions: Max Addons Pro for Bricks versions 1.6.1 and earlier Description: The issue is related to a Missing Authorization vulnerability. This vulnerability affects Max Addons Pro for Bricks, allowing unauthorized access. Recommendations: For Max Addo...

PT-2024-23917 · Repute Infosystems · Arforms Form Builder

Name of the Vulnerable Software and Affected Versions: Repute InfoSystems ARForms Form Builder versions 1.6.1 and earlier Description: A Cross-Site Request Forgery CSRF issue affects the software. This type of issue allows an attacker to trick a user into performing unintended actions on a web...

Flarum 跨站脚本漏洞

Flarum is an open source forum system for the Flarum community. A cross-site scripting vulnerability exists in Flarum versions 1.5.0 through 1.6.1. An attacker exploits the vulnerability to inject malicious HTML via header input...