31 matches found
SUSE CVE-2026-31435
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix read abandonment during retry Under certain circumstances, all the remaining subrequests from a read request will get abandoned during retry. The abandonment process expects the 'subreq' variable to be set to the place...
EUVD-2026-24758
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix read abandonment during retry Under certain circumstances, all the remaining subrequests from a read request will get abandoned during retry. The abandonment process expects the 'subreq' variable to be set to the place...
CVE-2026-31435
Summary: CVE-2026-31435 affects the Linux kernel netfs read-abandonment path during retries. The root cause is an uninitialized/invalid subreq pointer used in the abandonment flow, which can lead to abandoning remaining subrequests incorrectly and may cause a kernel oops/DoS. Several connected ad...
PT-2026-34340
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix read abandonment during retry Under certain circumstances, all the remaining subrequests from a read request will get abandoned during retry. The abandonment process expects the 'subreq' variable to be set to the place...
WordPress WooCommerce Cart Abandonment Recovery plugin < 2.1.0 - Privilege Escalation vulnerability
Privilege Escalation vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin WooCommerce Cart Abandonment Recovery versions 2.1.0...
EUVD-2023-55590
Malicious code in bioql PyPI...
XWorm V6: Exploring Pivotal Plugins
XWorm V6: Exploring Pivotal Plugins By Niranjan Hegde and Sijo Jacob · October 2, 2025 Introduction In the constantly evolving world of cyber threats, staying informed is not just an advantage; it's a necessity. First observed in 2022, XWorm quickly gained notoriety as a highly effective malware,...
WordPress plugin Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...
VulnCheck KEV: CVE-2025-1562
The Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the installoractivateaddonplugins function and a weak nonce hash...
PT-2025-25777 · Funnelkit · Recover Woocommerce Cart Abandonment
Name of the Vulnerable Software and Affected Versions: Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit versions up to, and including, 3.5.3 Description: The issue is related to a missing capability check on the install or activate addon plugins...
CVE-2023-50857
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in FunnelKit Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit.This issue affects Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing,...
CVE-2024-9186
The Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit WordPress plugin before 3.3.0 does not sanitize and escape the bwfan-track-id parameter before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks...
PT-2024-39476 · Funnelkit · Recover Woocommerce Cart Abandonment
Name of the Vulnerable Software and Affected Versions: Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit WordPress plugin versions prior to 3.3.0 Description: The issue allows unauthenticated users to perform SQL injection attacks due to the lack...
SUSE CVE-2024-41965
Vim is an open source command line text editor. double-free in dialogchanged in Vim v9.1.0648. When abandoning a buffer, Vim may ask the user what to do with the modified buffer. If the user wants the changed buffer to be saved, Vim may create a new Untitled file, if the buffer did not have a nam...
DEBIAN-CVE-2024-41965
Vim is an open source command line text editor. double-free in dialogchanged in Vim v9.1.0648. When abandoning a buffer, Vim may ask the user what to do with the modified buffer. If the user wants the changed buffer to be saved, Vim may create a new Untitled file, if the buffer did not have a nam...
AZL-47355 CVE-2024-41965 affecting package vim for versions less than 9.0.2121-4
Vim is an open source command line text editor. double-free in dialogchanged in Vim v9.1.0648. When abandoning a buffer, Vim may ask the user what to do with the modified buffer. If the user wants the changed buffer to be saved, Vim may create a new Untitled file, if the buffer did not have a nam...
WordPress WooCommerce Cart Abandonment Recovery plugin < 1.2.27 - Templates/Abandoned Orders Deletion via CSRF vulnerability
Templates/Abandoned Orders Deletion via CSRF vulnerability discovered by Erwan LR WPScan in WordPress Plugin WooCommerce Cart Abandonment Recovery versions 1.2.27...
CVE-2024-2322
The WooCommerce Cart Abandonment Recovery WordPress plugin before 1.2.27 does not have CSRF check in its bulk actions, which could allow attackers to make logged in admins delete arbitrary email templates as well as delete and unsubscribe users from abandoned orders via CSRF attacks...
WordPress plugin WooCommerce Cart Abandonment Recovery 漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress WooCommerce Cart Abandonment Recovery Plugin < 1.2.27 is vulnerable to Cross Site Request Forgery (CSRF)
Software WooCommerce Cart Abandonment Recovery Type Plugin Vulnerable versions 1.2.27 Fixed in 1.2.27 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-2322 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 266dfc803e4a Credit...