32 matches found
WordPress plugin Gravity SMTP Security Vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress plugin Easy Invoice Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security vulnerabili...
WordPress Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers plugin <= 2.1.4 - Unauthenticated Server-Side Request Forgery vulnerability
Unauthenticated Server-Side Request Forgery vulnerability discovered by Rafshanzani Suhada in WordPress Plugin PopupKit versions <= 2.1.4...
EUVD-2024-54906
Malicious code in bioql PyPI...
WordPress plugin AutoCatSet Cross-Site Request Forgery Vulnerability
AutoCatSet is an automatic post categorization plugin for the WordPress platform. A cross-site request forgery vulnerability exists in AutoCatSet 2.1.4 and earlier versions, which stems from the autocatsetajax function not properly implementing a random number validation mechanism. An attacker ca...
Apache StreamPark SQL Injection Vulnerability
Apache StreamPark is a streaming media application development framework from the Apache Foundation (United States). A SQL injection vulnerability exists in Apache StreamPark versions 2.1.4 through 2.1.6 and earlier, which stems from the application's lack of validation of externally entered S...
CVE-2024-48988
SQL Injection vulnerability in Apache StreamPark. This issue affects Apache StreamPark: from 2.1.4 before 2.1.6. Users are recommended to upgrade to version 2.1.6, which fixes the issue. This vulnerability is present only in the distribution package SpringBoot platform and does not involve Maven...
CVE-2024-48988 Apache StreamPark: SQL injection vulnerability
SQL Injection vulnerability in Apache StreamPark. This issue affects Apache StreamPark: from 2.1.4 before 2.1.6. Users are recommended to upgrade to version 2.1.6, which fixes the issue. This vulnerability is present only in the distribution package SpringBoot platform and does not involve Maven...
PT-2025-34477 · Apache · Apache Streampark
Name of the Vulnerable Software and Affected Versions: Apache StreamPark versions 2.1.4 through 2.1.5 Description: A SQL Injection vulnerability exists in Apache StreamPark. This issue is present only in the distribution package SpringBoot platform and does not involve Maven artifacts. Exploitati...
NamelessMC Security Vulnerability
NamelessMC is free, easy-to-use and powerful website software for your Minecraft server from the NamelessMC team, which contains tons of features. A security vulnerability exists in NamelessMC 2.1.4 and earlier versions, which stems from a lack of length validation for the s parameter in the...
WordPress plugin Bug Library SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection vulnerabili...
WordPress Hacklog DownloadManager plugin <=2.1.4 - CSRF to Arbitrary File Upload vulnerability
CSRF to Arbitrary File Upload vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Hacklog DownloadManager versions <= 2.1.4...
PT-2024-19259 · WordPress · Luckywp Table Of Contents
Name of the Vulnerable Software and Affected Versions: LuckyWP Table of Contents WordPress plugin versions 2.1.4 and earlier Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This can occur even when the unfiltered_html capability ...
WordPress Custom Fonts – Host Your Fonts Locally plugin <= 2.1.4 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability
Authenticated (Author+) Stored Cross-Site Scripting vulnerability discovered by James Myers ConfidenceRemainsHigh in WordPress Plugin Custom Fonts – Host Your Fonts Locally versions <= 2.1.4...
CVE-2024-2119
The LuckyWP Table of Contents plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the attrs parameter in all versions up to, and including, 2.1.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitra...
PT-2024-22710 · Unknown · Jordy Meow Ai Engine: Chatgpt Chatbot
Name of the Vulnerable Software and Affected Versions: Jordy Meow AI Engine: ChatGPT Chatbot versions n/a through 2.1.4 Description: The issue is a Server-Side Request Forgery (SSRF) vulnerability. It affects the AI Engine: ChatGPT Chatbot. There is no information provided about the estimated numbe...
BIT-TENSORFLOW-2021-29536 Heap buffer overflow in `QuantizedReshape`
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in QuantizedReshape by passing in invalid thresholds for the quantization. This is because the...
BIT-TENSORFLOW-2021-29566 Heap OOB access in `Dilation2DBackpropInput`
TensorFlow is an end-to-end open source platform for machine learning. An attacker can write outside the bounds of heap allocated arrays by passing invalid arguments to tf.raw_ops.Dilation2DBackpropInput. This is because the...
CVE-2023-27446
Cross-Site Request Forgery (CSRF) vulnerability in Fluenx DeepL API translation plugin <= 2.1.4 versions...