5 matches found
CVE-2026-8941 CDN Linker lite <= 1.3.1 - Cross-Site Request Forgery to Plugin Settings Update
The CDN Linker lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.1. This is due to missing or incorrect nonce validation on the ossdloffoptions function. This makes it possible for unauthenticated attackers to update the plugin's settings ...
Tp-Link AX53 v1.0 tmpServer opcode 0x436 stack-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2302 Tp-Link AX53 v1.0 tmpServer opcode 0x436 stack-based buffer overflow vulnerability May 7, 2026 CVE Number CVE-2026-30814 SUMMARY A stack-based buffer overflow vulnerability exists in the tmpServer opcode 0x436 functionality of Tp-Link AX53 v1.0 1.3.1 Bui...
CVE-2025-53431 WordPress Emberlyn theme <= 1.3.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Emberlyn emberlyn allows PHP Local File Inclusion.This issue affects Emberlyn: from n/a through = 1.3.1...
PT-2025-38955
Name of the Vulnerable Software and Affected Versions Kommo Website Chat Button versions through 1.3.1 Description An authorization issue exists in the Kommo Website Chat Button integration, allowing exploitation due to incorrectly configured access control security levels. Recommendations Update...
CVE-2024-53288
Improper neutralization of input during web page generation 'Cross-site Scripting' vulnerability in NTP Region functionality in Synology Router Manager SRM before 1.3.1-9346-11 allows remote authenticated users with administrator privileges to inject arbitrary web script or HTML via unspecified...