14 matches found
CVE-2026-48865
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThimPress LearnPress allows Reflected XSS. This issue affects LearnPress: from n/a through 4.3.6...
CVE-2026-32448
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Eric Teubert Podlove Podcast Publisher podlove-podcasting-plugin-for-wordpress allows Stored XSS. This issue affects Podlove Podcast Publisher: from n/a through <= 4.3.3...
WordPress plugin miniOrange OTP Verification and SMS Notification for WooCommerce security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security vulnerabili...
PT-2025-54336
Name of the Vulnerable Software and Affected Versions: OpenHook versions through 4.3.1 Description: A Cross-Site Request Forgery (CSRF) issue exists in OpenHook, potentially allowing attackers to perform actions on behalf of authenticated users. This occurs due to insufficient protection against forg...
EUVD-2025-28501
Malicious code in bioql PyPI...
WordPress Profile Widget Ninja plugin <= 4.3 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting (XSS) vulnerability discovered by muhammad yudha in WordPress Plugin Profile Widget Ninja (versions <= 4.3)...
PT-2025-7744 · Unknown · Profile Widget Ninja
Name of the Vulnerable Software and Affected Versions: Profile Widget Ninja versions through 4.3 Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based XSS. This can lead to Cross-site Scripting attacks. Recommendations: For...
Dell AppSync Server code issue vulnerability
Dell AppSync Server is a copy data management software from Dell USA. An XML external entity injection vulnerability exists in Dell AppSync Server versions 4.3 through 4.6, which arises from a networked system or product that does not have the correct filters in place to allow references to...
Moodle Security Breach
Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A security vulnerability exists in Moodle versions 4.3 through 4.3.3, which stems from an insufficient check to see if ReCAPTCHA is...
DEBIAN-CVE-2020-5247
In Puma RubyGem before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. CR, LF or /r, /n) to end the header and inject malicious content, such as additional headers or an entirely new response body. This...
SAP Business Objects Business Intelligence Platform Cross-Site Request Forgery Vulnerability
SAP Business Objects Business Intelligence Platform is a suite of business intelligence software and enterprise performance solutions from Germany's SAP. The product features report generation, analytics and data visualization. A cross-site request forgery vulnerability exists in SAP...
UBUNTU-CVE-2019-18886
An issue was discovered in Symfony 4.2.0 to 4.2.11 and 4.3.0 to 4.3.7. The ability to enumerate users was possible due to different handling depending on whether the user existed when making unauthorized attempts to use the switch users functionality. This is related to symfony/security...
CVE-2019-0333
In some situations, when a client cancels a query in SAP BusinessObjects Business Intelligence Platform Web Intelligence, versions 4.2, 4.3, the attacker can then query and receive the whole data set instead of just what is part of their authorized security profile, resulting in Information...
NetIQ Access Manager Administration Console Cross-Site Scripting Vulnerability
NetIQ Access Manager (NAM) is a resource access control solution from NetIQ Corporation. The solution provides multiple authentication, data encryption, single sign-on and SSL VPN for local and remote users. Administration Console is one of the administration console programs. A cross-site scripting...