453 matches found
WordPress Anti-Malware Security and Brute-Force Firewall <4.21.83 - Cross-Site Scripting
WordPress Anti-Malware Security and Brute-Force Firewall plugin before 4.21.83 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape some parameters before outputting them back in an admin dashboard. id: CVE-2022-2599 info: name: WordPress Anti-Malware Security an...
EUVD-2026-36938
Contributor PHP Object Injection in Anti-Malware Security and Brute-Force Firewall = 4.23.87 versions...
CVE-2026-39478
Contributor PHP Object Injection in Anti-Malware Security and Brute-Force Firewall = 4.23.87 versions...
CVE-2026-39478 WordPress Anti-Malware Security and Brute-Force Firewall plugin <= 4.23.87 - PHP Object Injection vulnerability
Contributor PHP Object Injection in Anti-Malware Security and Brute-Force Firewall = 4.23.87 versions...
PT-2026-49380
Contributor PHP Object Injection in Anti-Malware Security and Brute-Force Firewall = 4.23.87 versions...
CVE-2021-47977
WordPress Plugin Anti-Malware Security and Bruteforce Firewall 4.20.59 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the file parameter. Attackers can send requests to the duplicatordownload action via admin-ajax.php wit...
CVE-2021-47977 WordPress Anti-Malware Security Bruteforce Firewall <= 4.20.72 Directory Traversal
WordPress Plugin Anti-Malware Security and Bruteforce Firewall 4.20.59 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the file parameter. Attackers can send requests to the duplicatordownload action via admin-ajax.php wit...
EUVD-2021-34837
WordPress Plugin Anti-Malware Security and Bruteforce Firewall 4.20.59 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the file parameter. Attackers can send requests to the duplicatordownload action via admin-ajax.php wit...
CVE-2021-47977
CVE-2021-47977 affects the WordPress plugin Anti-Malware Security and Bruteforce Firewall 4.20.59. It describes a directory traversal vulnerability where unauthenticated attackers can read arbitrary files by manipulating the file parameter via the duplicator_download action in admin-ajax.php, usi...
PT-2026-41463
Name of the Vulnerable Software and Affected Versions Anti-Malware Security and Bruteforce Firewall version 4.20.59 Description A directory traversal issue allows unauthenticated attackers to read arbitrary files by manipulating the file parameter. Attackers can send requests to the 'duplicator...
WordPress Anti-Malware Security and Brute-Force Firewall plugin <= 4.23.87 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by daroo in WordPress Plugin Anti-Malware Security and Brute-Force Firewall versions = 4.23.87...
Cisco Secure Web Appliance Real-Time Scanning Archive File Bypass (cisco-sa-wsa-archive-bypass-Scx2e8zF)
According to its self-reported version, Cisco Secure Web Appliance Real-Time Scanning Archive File Bypass is affected by a vulnerability. - A vulnerability in the Dynamic Vectoring and Streaming DVS Engine implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an...
CVE-2026-20056
A vulnerability in the Dynamic Vectoring and Streaming DVS Engine implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass the anti-malware scanner, allowing malicious archive files to be downloaded. This vulnerability is du...
CVE-2026-20056
A vulnerability in the Dynamic Vectoring and Streaming DVS Engine implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass the anti-malware scanner, allowing malicious archive files to be downloaded. This vulnerability is du...
CVE-2026-20056 Cisco Secure Web Appliance TBD Bypass Vulnerability
A vulnerability in the Dynamic Vectoring and Streaming DVS Engine implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass the anti-malware scanner, allowing malicious archive files to be downloaded. This vulnerability is du...
CVE-2026-20056
A vulnerability in the Dynamic Vectoring and Streaming DVS Engine implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass the anti-malware scanner, allowing malicious archive files to be downloaded. This vulnerability is du...
EUVD-2026-5425
A vulnerability in the Dynamic Vectoring and Streaming DVS Engine implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass the anti-malware scanner, allowing malicious archive files to be downloaded. This vulnerability is du...
CVE-2026-20056
Cisco AsyncOS for Cisco Secure Web Appliance is affected by a DVS Engine vulnerability (CVE-2026-20056) that can allow an unauthenticated remote attacker to bypass the anti‑malware scanner and cause download of malicious archive files. The issue stems from improper handling of certain archives, e...
Cisco Secure Web Appliance Real-Time Scanning Archive File Bypass Vulnerability
A vulnerability in the Dynamic Vectoring and Streaming DVS Engine implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass the anti-malware scanner, allowing malicious archive files to be downloaded. This vulnerability is du...
Cisco Secure Web Appliance 安全漏洞
Cisco Secure Web Appliance is an application developed by the American company Cisco. It is used to protect websites. There is a security vulnerability in Cisco Secure Web Appliance, which stems from the dynamic vector and stream engine’s improper handling of certain archive files. This...