2633 matches found
PT-2026-47132
Name of the Vulnerable Software and Affected Versions Click to Chat – WA Widget versions prior to 4.39 Description The plugin is subject to Stored Cross-Site Scripting. Authenticated attackers with Contributor-level access or higher can inject arbitrary web scripts into pages. This occurs because...
WordPress plugin Click to Chat – WA Widget 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
CVE-2026-5243
The The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to stored cross-site scripting via the menuhoverclick parameter of the Navigation Menu Lite widget in all versions up to, and including, 6.4.11 due to...
CVE-2026-49194
The debugging routine SCREENCLICK5053 enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface...
WordPress Click to Chat – HoliThemes plugin <= 4.39 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Valatty in WordPress Plugin Click to Chat versions = 4.39...
CVE-2026-49194
The debugging routine SCREENCLICK5053 enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface...
CVE-2026-49194 SCREEN_CLICK Authentication Bypass
The debugging routine SCREENCLICK5053 enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface...
EUVD-2026-34213
The debugging routine SCREENCLICK5053 enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface...
CVE-2026-49194
Technical details about CVE-2026-49194 are not publicly available in the provided documents; monitor for updates.
CVE-2026-49194 SCREEN_CLICK Authentication Bypass
The debugging routine SCREENCLICK5053 enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface...
Acer M6E 安全漏洞
The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability. This vulnerability stems from the debugging routine SCREENCLICK5053, which allows connections to completely bypass standard device login prompts and directly...
PT-2026-46152
The debugging routine SCREEN CLICK5053 enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface...
Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens
Cybersecurity researchers have disclosed a one-click attack via Microsoft Visual Studio Code VS Code that makes it possible to steal a user's GitHub token. "Just by clicking a link, it's possible for an attacker to steal a GitHub token that can read and write to your repos, including private ones...
Transmission 安全漏洞
Transmission is an open-source BitTorrent client application developed by Transmission. This program primarily provides features such as file downloading. Versions of Transmission 4.1.1 and earlier contained security vulnerabilities, which were due to a click hijacking vulnerability in the...
Google Android 安全漏洞
Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android, which stem from click-jacking/cross-scripting attacks involving multiple functions in WindowState.java, potentially leading to local privilege escalatio...
Google Android 安全漏洞
Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from the hide method in WindowState.java. This method allows for click hijacking/cross-session attacks, potentially leading users to grant...
Google Android 安全漏洞
Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from a click hijacking issue in the addWindow function, potentially leading to local privilege escalation...
Google Android 安全漏洞
Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from the InputInterceptor method in Letterbox.java. This method allows for click hijacking/coverage attacks, potentially leading users to...
Google Android 安全漏洞
Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from the startAnimation method in StageCoordinator.java. This method allows for click hijacking/cross-session attacks, potentially leading to...
Exploit for Improper Authentication in Google Android
DEDSECBKIF DEDSECBKIF is a keystroke injection tool for Androi...