CVE-2026-27787

Cross-site scripting vulnerability exists in MATCHA SNS 1.3.9 and earlier. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the website using the product...

Local Deep Research 安全漏洞

Local Deep Research is an AI search assistant open-sourced by LearningCircuit. A security vulnerability exists in Local Deep Research version 1.3.0 through versions prior to 1.3.9 that stems from the download service not using SSRF protection, which could lead to a server-side request forgery...

WordPress plugin Product Subtitle for WooCommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

WordPress plugin Integration for Contact Form 7 and Salesforce 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

WordPress users-customers-import-export-for-wp-woocommerce injection vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. users-customers-import-export-for-wp-woocommerce is a user import and export plugin used in it. A security vulnerability exists in...