Linux Distros Unpatched Vulnerability : CVE-2026-40169

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, a crafted image could result in an ou...

EUVD-2026-20152

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows Phishing.This issue affects Hide My WP Ghost: from n/a through 7.0.00...

CVE-2026-39484 WordPress Hide My WP Ghost plugin < 7.0.00 - Open Redirection vulnerability

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows Phishing.This issue affects Hide My WP Ghost: from n/a through 7.0.00...

CVE-2026-39484

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows Phishing.This issue affects Hide My WP Ghost: from n/a through 7.0.00...

WordPress Hide My WP Ghost plugin < 7.0.00 - Open Redirection vulnerability

Open Redirection vulnerability discovered by Or Benit in WordPress Plugin Hide My WP Ghost versions 7.0.00...

CVE-2025-32355

CVE-2025-32355 affects Rocket TRUfusion Enterprise up to version 7.10.4.0, where the built-in reverse proxy can be misconfigured to accept absolute URLs in the HTTP request line. This enables server-side requests to load arbitrary resources via the proxy, constituting a server-side request forger...

CVE-2025-12748 affecting package libvirt for versions less than 7.10.0-11

CVE-2025-12748 affecting package libvirt for versions less than 7.10.0-11. A patched version of the package is available...

CVE-2025-67922

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Reflected XSS.This issue affects Grand Restaurant: from n/a through 7.0.9...

CVE-2025-67922

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Reflected XSS.This issue affects Grand Restaurant: from n/a through 7.0.9...

CVE-2025-67544 WordPress Shopkeeper Extender plugin < 7.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Get Bowtied Shopkeeper Extender shopkeeper-extender allows Stored XSS.This issue affects Shopkeeper Extender: from n/a through 7.0...

PT-2025-49920

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Get Bowtied Shopkeeper Extender shopkeeper-extender allows Stored XSS.This issue affects Shopkeeper Extender: from n/a through 7.0...

AZL-70199 CVE-2025-12748 affecting package libvirt for versions less than 7.10.0-11

A flaw was discovered in libvirt in the XML file processing. More specifically, the parsing of user provided XML files was performed before the ACL checks. A malicious user with limited permissions could exploit this flaw by submitting a specially crafted XML file, causing libvirt to allocate too...

CVE-2025-61593 Cursor CLI Agent: Sensitive File Overwrite Bypass

Cursor is a code editor built for programming with AI. In versions 1.7 and below, a vulnerability in the way Cursor CLI Agent protects its sensitive files i.e. /.cursor/cli.json allows attackers to modify the content of the files through prompt injection, thus achieving remote code execution. A...

WordPress SUMO Memberships for WooCommerce plugin < 7.8.0 - Arbitrary Content Deletion vulnerability

Arbitrary Content Deletion vulnerability discovered by 0xd4rk5id3 in WordPress Plugin SUMO Memberships for WooCommerce versions 7.8.0...

Linux Distros Unpatched Vulnerability : CVE-2021-29428

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Gradle before version 7.0, on Unix-like systems, the system temporary directory can be created with open permissions that allow multiple users to create and...

CVE-2025-30964

Server-Side Request Forgery SSRF vulnerability in ThemeGoods Photography photography allows Server Side Request Forgery.This issue affects Photography: from n/a through 7.7.6...

WordPress Site Reviews plugin < 7.2.5 - Unauthenticated Stored XSS vulnerability

Unauthenticated Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Site Reviews versions 7.2.5...

CVE-2022-2218

Cross-site Scripting XSS - Stored in GitHub repository ionicabizau/parse-url prior to 7.0.0...

Drupal Loft Data Grids module < 7.x-2.7,< 7.x-3.0 - Unauthenticated Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS vulnerability discovered by Juraj Nemec in WordPress Module Loft Data Grids versions 7.x-2.7,7.x-3.0...

WordPress The Post Grid plugin < 7.5.0 - Editor+ Stored XSS via Grid Creation vulnerability

Editor+ Stored XSS via Grid Creation vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin The Post Grid versions 7.5.0...