33 matches found
WordPress Support Ticket Management System plugin <= 1.9 - Privilege Escalation vulnerability
Privilege Escalation vulnerability discovered by Phat RiO in WordPress Plugin Support Ticket Management System versions <= 1.9...
WordPress plugin Veil security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
WordPress plugin Notarius security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
CVE-2025-67859
An Improper Authentication vulnerability in TLP allows local users to arbitrarily control the power profile in use as well as the daemon’s log settings. This issue affects TLP: from 1.9 before 1.9.1...
PT-2025-52097
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Athos athos allows PHP Local File Inclusion. This issue affects Athos: from n/a through <= 1.9...
EUVD-2011-4242
Malware in sbrugna...
WordPress plugin Advanced Appointment Booking & Scheduling cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A cross-site request...
PT-2025-15954 · WordPress · Woocommerce Products Reorder Drag Drop Multiple Sort – Sortable
Name of the Vulnerable Software and Affected Versions: Woocommerce Products Reorder Drag Drop Multiple Sort – Sortable, Rearrange Products Vagonic versions 1.9 and earlier Description: The issue is related to a Missing Authorization vulnerability. This vulnerability affects the Woocommerce Produc...
Teedy security vulnerability
Teedy is an open source, lightweight document management system for individuals and businesses open-sourced by Teedy France. A security vulnerability exists in Teedy versions 1.9 through 1.12, which stems from improper cleanup of user input and allows an unauthenticated attacker to perform variou...
WordPress plugin Shabbos and Yom Tov cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forgery...
PT-2025-1928 · WordPress · Service Box
Name of the Vulnerable Software and Affected Versions: Service Box plugin for WordPress versions up to, and including, 1.9 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping. This allows authenticated attackers with...
WordPress plugin Youtube Video Grid cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forger...
Sandboxels Security Vulnerabilities
Sandboxels is a browser game by the US-based team R74n. A security vulnerability exists in Sandboxels versions 1.9 through 1.9.5. An attacker exploited the vulnerability to perform a cross-site scripting attack...
CVE-2023-41697
Cross-Site Request Forgery (CSRF) vulnerability in Nikunj Soni Easy WP Cleaner plugin <= 1.9 versions...
SUSE CVE-2011-4203
CRLF injection vulnerability in calendar/set.php in the Calendar component in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, 2.1.x before 2.1.3, and 2.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors involving the url variable...
PT-2022-22052 · Jenkins · Jenkins +1
Name of the Vulnerable Software and Affected Versions: Jenkins CRX Content Package Deployer Plugin versions 1.9 and earlier Description: The issue is a stored cross-site scripting (XSS) vulnerability that occurs because the plugin does not escape the name and description of CRX Content Package Choi...
PT-2022-20421 · Jenkins · Jenkins Promoted Builds (Simple) Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Promoted Builds Simple Plugin versions 1.9 and earlier Description: The issue is related to a stored cross-site scripting (XSS) vulnerability. It occurs because the name and description of Promotion Level parameters on views displaying...
CVE-2020-7570
A CWE-79 Improper Neutralization of Input During Web Page Generation Cross-site Scripting Stored vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to inject arbitrary web script or HTML due to incorrect...