WordPress Post SMTP plugin < 2.8.7 - Admin+ SQL Injection vulnerability

Admin+ SQL Injection vulnerability discovered by Alex Sanford in WordPress Plugin Post SMTP versions 2.8.7...

CVE-2023-45755

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in BuddyBoss BuddyPress Global Search plugin = 1.2.1 versions...

CVE-2020-12142

1. IPSec UDP key material can be retrieved from machine-to-machine interfaces and human-accessible interfaces by a user with admin credentials. Such a user, with the required system knowledge, could use this material to decrypt in-flight communication. 2. The vulnerability requires administrative...

CVE-2025-61956

Radiometrics VizAir is vulnerable to a lack of authentication mechanisms for critical functions, such as admin access and API requests. Attackers can modify configurations without authentication, potentially manipulating active runway settings and misleading air traffic control ATC and pilots...

CVE-2025-43027

A critical severity vulnerability has been identified in the ALPR Manager role of Security Center that could allow attackers to gain administrative access to the Genetec Security Center system. The Genetec engineering team discovered this issue internally. There is currently no evidence that this...

EUVD-2020-2592

Malware in sbrugna...

EUVD-2009-4191

Malware in sbrugna...

EUVD-2019-16721

Malware in sbrugna...

EUVD-2004-2629

Malware in sbrugna...

EUVD-2021-1477

Malware in sbrugna...

CVE-2023-23702

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Pixelgrade Comments Ratings plugin = 1.1.7 versions...

CVE-2023-2788

Mattermost fails to check if an admin user account active after an oauth2 flow is started, allowing an attacker with admin privileges to retain persistent access to Mattermost by obtaining an oauth2 access token while the attacker's account is deactivated...

CVE-2023-46093

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in LionScripts.Com Webmaster Tools plugin = 2.0 versions...

CVE-2023-23732

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Joel James Disqus Conditional Load plugin = 11.0.6 versions...

CVE-2024-11269 AHAthat Plugin <= 1.6 - Admin+ SQL Injection

The AHAthat Plugin WordPress plugin through 1.6 does not sanitize and escape a parameter before using it in a SQL statement, allowing Admin to perform SQL injection attacks...

BRCC Incorrect Access Control vulnerability

Incorrect access control in the /admin/ API of brcc v1.2.0 allows attackers to gain access to Admin rights via a crafted request...

WordPress ENL Newsletter plugin <= 1.0.1 - Admin+ SQL Injection vulnerability

Admin+ SQL Injection vulnerability discovered by Bob Matyas in WordPress Plugin ENL Newsletter versions = 1.0.1...

CVE-2023-40206

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in hwk-fr WP 404 Auto Redirect to Similar Post plugin = 1.0.3 versions...

CVE-2023-38476

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in SuiteDash :: ONE Dashboard® Client Portal : SuiteDash Direct Login plugin = 1.7.6 versions...

CVE-2023-31091

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Pradeep Singh Dynamically Register Sidebars plugin = 1.0.1 versions...