3 matches found
CVE-2026-49781
The CVE-2026-49781 entry describes an unauthenticated PHP Object Injection in the WordPress OttoKit plugin, affected versions
CVE-2025-68036
Missing Authorization vulnerability in Imran Tauqeer CubeWP cubewp-framework allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects CubeWP: from n/a through = 1.1.27...
PT-2024-27862 · Unknown · Bradmax Player
Name of the Vulnerable Software and Affected Versions: Bradmax Player versions 1.1.27 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendations: For...