WordPress Downloable by American Osteopathic Association plugin <= 0.1.0 - Unauthenticated SSRF vulnerability

Unauthenticated SSRF vulnerability discovered by Aly Khaled in WordPress Plugin Aoa Downloadable versions = 0.1.0...

EUVD-2017-9200

Malware in sbrugna...

UBUNTU-CVE-2022-50431

In the Linux kernel, the following vulnerability has been resolved: ALSA: aoa: i2sbus: fix possible memory leak in i2sbusadddev devsetname in soundbusaddone allocates memory for name, it need be freed when ofdeviceregister fails, call soundbusdevput to give up the reference that hold in...

Ransomware Surge Hits US Healthcare: AOA, DaVita and Bell Ambulance Breached

AOA, DaVita, and Bell Ambulance hit by ransomware in 2025. Over 245K affected as hackers steal patient data,…...

CVE-2024-13618

The aoa-downloadable WordPress plugin through 0.1.0 lacks authorization and authentication for requests to its download.php endpoint, allowing unauthenticated visitors to make requests to arbitrary URLs...

CVE-2024-13617

The aoa-downloadable WordPress plugin through 0.1.0 doesn't validate a parameter in its download function, allowing unauthenticated attackers to download arbitrary files from the server...

CVE-2024-13617 Downloable by American Osteopathic Association <= 0.1.0 - Unauthenticated Arbitrary File Download

The aoa-downloadable WordPress plugin through 0.1.0 doesn't validate a parameter in its download function, allowing unauthenticated attackers to download arbitrary files from the server...

WordPress plugin aoa-downloadable 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security...

PT-2025-12757 · WordPress · Aoa-Downloadable

Name of the Vulnerable Software and Affected Versions: aoa-downloadable WordPress plugin version 0.1.0 Description: The issue concerns a lack of authorization and authentication for requests to the "download.php" endpoint, allowing unauthenticated visitors to make requests to arbitrary URLs...

WordPress plugin aoa-downloadable 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security...

PT-2025-12756 · WordPress · Aoa-Downloadable

Name of the Vulnerable Software and Affected Versions: aoa-downloadable WordPress plugin version 0.1.0 Description: The issue concerns the aoa-downloadable WordPress plugin, which fails to validate a parameter in its download function. This allows unauthenticated attackers to download arbitrary...

Malicious code in @ikea-aoa/component-store-selector (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in @ikea-aoa/component-lightbox (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in @ikea-aoa/component-financial-services (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2023-1024 Malicious code in @ikea-aoa/component-text (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a7eb8663a77a76b087087ae0d7313f1e7e50f71695a76b02e73d72e08467c8c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @ikea-aoa/component-price-module (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7f7e0211ea2009802ec566e645d03e557dda0a2f62f2546df574ab757ab095d2 The OpenSSF Package Analysis project identified '@ikea-aoa/component-price-module' @ 99.0.1 npm as malicious. It is considered malicious because...

GSD-2022-1007551 ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev()

ALSA: aoa: i2sbus: fix possible memory leak in i2sbusadddev This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.298 by commit...

GSD-2022-1007459 ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev()

ALSA: aoa: i2sbus: fix possible memory leak in i2sbusadddev This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.264 by commit...

GSD-2022-1006943 ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev()

ALSA: aoa: i2sbus: fix possible memory leak in i2sbusadddev This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.77 by commit...

GSD-2022-1006624 ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev()

ALSA: aoa: i2sbus: fix possible memory leak in i2sbusadddev This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.7 by commit...