13 matches found
PT-2025-27865 · WordPress · Easy Restaurant Menu Manager
Name of the Vulnerable Software and Affected Versions: Easy Restaurant Menu Manager plugin for WordPress versions up to and including 2.0.1 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the nsc eprm menu link shortcode. This...
PT-2025-26280 · Unknown · Campcodes Sales/Inventory System
Name of the Vulnerable Software and Affected Versions: Campcodes Sales and Inventory System version 1.0 Description: A critical issue was found in the system, affecting an unknown part of the file /pages/account add.php. The manipulation of the id/amount argument leads to SQL injection. It is...
PT-2025-23380 · WordPress · The Borderless – Elementor Addons/Templates
Name of the Vulnerable Software and Affected Versions: The Borderless – Elementor Addons and Templates plugin for WordPress versions up to, and including, 1.7.1 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping, allowing...
PT-2025-22402
Name of the Vulnerable Software and Affected Versions Vasco versions 3.14 and earlier Description The issue allows a remote attacker to obtain sensitive information via the help menu. This is due to a Local File Inclusion vulnerability. Recommendations For versions 3.14 and earlier, consider...
PT-2025-11003 · WordPress · Workreap
Name of the Vulnerable Software and Affected Versions: Workreap plugin for WordPress versions up to, and including, 3.2.5 Description: The issue is due to the plugin not properly validating a user's identity prior to performing a social auto-login or updating their profile details, such as the...
PT-2024-14921 · WordPress · Backup Migration
Name of the Vulnerable Software and Affected Versions: Backup Migration WordPress plugin versions prior to 1.3.6 Description: The issue allows attackers to potentially leak sensitive information from a site's backups by monitoring publicly accessible files that store in-progress backups...
PT-2023-23705 · Getbutton.Io · Getbutton Chat Button
Name of the Vulnerable Software and Affected Versions: GetButton Chat Button by GetButton.Io plugin versions 1.8.9.4 and earlier Description: The issue is related to an Authenticated Stored Cross-Site Scripting XSS vulnerability. This means that an attacker with admin privileges can inject...
PT-2023-26811 · Jenkins · Jenkins Qualys Web App Scanning Connector Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Qualys Web App Scanning Connector Plugin versions 2.0.10 and earlier Description: The issue arises from incorrect permission checks in the Jenkins Qualys Web App Scanning Connector Plugin, allowing attackers with global Item/Configure...
PT-2025-18619 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak issue has been identified in the Linux kernel. The problem occurs when the device add disk function fails, causing memory allocated in wbt enable default to not be...
PT-2023-8606 · Unknown · Xwiki Platform
Name of the Vulnerable Software and Affected Versions: XWiki Platform versions prior to 14.10.3 XWiki Platform versions prior to 15.0 RC1 Description: The issue allows a user without script or programming rights to execute arbitrary code by adding a new object of type XWiki.SchedulerJobClass to...
PT-2022-22904 · Tenda · Tenda W6
Name of the Vulnerable Software and Affected Versions: Tenda W6 version 1.0.0.94122 Description: A stack overflow issue exists, which can be exploited to cause a denial of service DoS via the index parameter in the "/goform/wifiSSIDset" API endpoint. Recommendations: For Tenda W6 version...
PT-2022-11483 · Unknown · Fabric 8 Kubernetes Client
Name of the Vulnerable Software and Affected Versions: Fabric 8 Kubernetes client versions 5.0.0-beta-1 and above Description: A flaw was found in the Fabric 8 Kubernetes client due to improperly configured YAML parsing, allowing a local and privileged attacker to supply malicious YAML, which can...
PT-2021-2516 · Tor +4 · Tor +4
Name of the Vulnerable Software and Affected Versions: Tor versions prior to 0.4.5.7 Description: The issue allows a remote participant in the Tor directory protocol to exhaust CPU resources on a target. This is related to an error in the resource consumption control mechanism of the Tor browser'...