WordPress Zoho ZeptoMail plugin <= 3.2.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Zoho ZeptoMail versions = 3.2.9...

CVE-2026-42216

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, IDManifest::init reconstructs strings from a prefix-compressed...

CVE-2026-42217

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, readVariableLengthInteger decodes a variable-length integer fro...

CVE-2026-42217

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, readVariableLengthInteger decodes a variable-length integer fro...

WordPress plugin Advanced Classifieds & Directory Pro 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A security...

Exploit for CVE-2025-50428

!CVEhttps://img.shields.io/badge/CVE-2025--50428-high?style=f...

CVE-2025-47481

CVE-2025-47481 affects the WordPress plugin GS Testimonial Slider (versions up to and including 3.2.9). It is described as an 'Improp er Control of Generation of Code' (Code Injection) vulnerability that enables content injection due to improper code-generation control. Public references in conne...

PT-2025-4425 · Unknown · Templatesnext Toolkit

Name of the Vulnerable Software and Affected Versions: TemplatesNext ToolKit versions 3.2.9 and earlier Description: The issue affects TemplatesNext ToolKit, allowing Stored XSS due to improper neutralization of input during web page generation. This enables an attacker to inject malicious script...

CVE-2024-11684

The Kudos Donations – Easy donations and payments with Mollie plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in all versions up to, and including, 3.2.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticat...

CVE-2024-49697

Missing Authorization vulnerability in WP Sunshine Sunshine Photo Cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through 3.2.9...

PT-2024-33650 · WordPress · Wp Sunshine Sunshine Photo Cart

Name of the Vulnerable Software and Affected Versions: WP Sunshine Sunshine Photo Cart versions 3.2.9 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For WP...