11 matches found
WordPress Wp Ultimate Review plugin <= 2.3.7 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting (XSS) vulnerability discovered by zaim in WordPress Plugin Wp Ultimate Review versions <= 2.3.7...
CVE-2024-45301
Mintty (Cygwin/MSYS/WSL terminal) versions 2.3.6–3.7.4 contain an input-handling flaw where certain escape sequences can cause the process to access a file along a specific path. Triggered by printing those sequences in bash, this can enable an attacker to specify an arbitrary network path and ob...
EUVD-2025-30700
Malicious code in bioql PyPI...
CVE-2025-47446 WordPress Listamester <= 2.3.6 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in listamester Listamester allows Cross Site Request Forgery. This issue affects Listamester: from n/a through 2.3.6...
WordPress plugin OnePress Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress plugin...
PT-2024-24423 · Freshworks · Freshdesk
Name of the Vulnerable Software and Affected Versions: Freshdesk versions through 2.3.6. Description: The issue is related to a URL Redirection to Untrusted Site, also known as an 'Open Redirect' vulnerability. This vulnerability affects Freshworks Freshdesk, allowing redirection to untrusted site...
CVE-2023-49837
A vulnerability in David Artiss Code Embed simple-embed-code. This issue affects Code Embed: from n/a through <= 2.3.6...
PT-2021-2186 · Adobe · Magento
Name of the Vulnerable Software and Affected Versions: Magento versions 2.4.1 and earlier; Magento versions 2.4.0-p1 and earlier; Magento versions 2.3.6 and earlier. Description: The issue is related to an access control bypass vulnerability in the Login as Customer module. Successful exploitation...
PT-2021-2188 · Adobe · Magento
Name of the Vulnerable Software and Affected Versions: Magento versions 2.4.1 and earlier; Magento versions 2.4.0-p1 and earlier; Magento versions 2.3.6 and earlier. Description: The issue is related to OS command injection via the WebAPI, which could lead to remote code execution by an authenticate...
Devaldi FlexPaper Code Execution Vulnerability
Devaldi FlexPaper is a lightweight web-based PDF document viewing component from the New Zealand company Devaldi. A code execution vulnerability exists in Devaldi FlexPaper version 2.3.6 and earlier versions, which can be exploited by remote attackers to execute code...
Percona XtraBackup Information Disclosure Vulnerability
Percona XtraBackup is a set of open source tools from the U.S. company Percona used to back up MySQL InnoDB databases. An information disclosure vulnerability exists in xbcrypt in Percona XtraBackup versions prior to 2.3.6 and 2.4.x versions prior to 2.4.5, which stems from the program failing to proper...