CVE-2026-6268 EventPress < 22.2 – Reflected Cross-Site Scripting

The EventPress WordPress theme before 22.2 does not sanitize or escape the 'id' parameter in the eventpresscustomizernotifydismissaction AJAX handler before outputting it back in the response, allowing unauthenticated attackers to perform Reflected Cross-Site Scripting attacks against logged-in...

Intel Advanced Link Analyzer Pro 代码问题漏洞

Intel Advanced Link Analyzer is an advanced link analyzer from Intel Corporation USA. Intel Advanced Link Analyzer Pro versions prior to 22.2 and Standard edition prior to 22.1.1 are vulnerable to elevation of privilege, which can be exploited by attackers to perform local elevation of privilege...