CVE-2026-4946

Ghidra versions prior to 12.0.3 improperly process annotation directives embedded in automatically extracted binary data, resulting in arbitrary command execution when an analyst interacts with the UI. Specifically, the @execute annotation which is intended for trusted, user-authored comments is...

CVE-2026-4946

Ghidra versions prior to 12.0.3 improperly process annotation directives embedded in automatically extracted binary data, resulting in arbitrary command execution when an analyst interacts with the UI. Specifically, the @execute annotation which is intended for trusted, user-authored comments is...

PT-2026-28677

Name of the Vulnerable Software and Affected Versions Ghidra versions prior to 12.0.3 Description The software improperly processes annotation directives embedded in automatically extracted binary data, leading to arbitrary command execution when a user interacts with the user interface. The...

Improper Restriction of Rendered UI Layers or Frames

Overview Affected versions of this package are vulnerable to Improper Restriction of Rendered UI Layers or Frames in comments. An attacker can cause users to be redirected to a malicious page by injecting CSS that transforms the entire wiki interface into a clickable link area. Remediation Upgrad...

Exploit for CVE-2026-20841

CVE-2026-20841 - Windows Notepad RCE PoC for a remote code ex...

Exploit for CVE-2026-20841

CVE-2026-20841 - Windows Notepad RCE PoC for a remote code ex...

CVE-2025-65924

ERPNext thru 15.88.1 does not sanitize or remove certain HTML tags specifically hyperlinks in fields that are intended for plain text. Although JavaScript is blocked preventing XSS, the HTML is still preserved in the generated PDF document. As a result, an attacker can inject malicious clickable...

CVE-2025-63033

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Riyadh Ahmed Make Section & Column Clickable For Elementor make-section-column-clickable-elementor allows Stored XSS.This issue affects Make Section & Column Clickable For Elementor: from n/a throu...

EUVD-2025-201989

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Riyadh Ahmed Make Section & Column Clickable For Elementor make-section-column-clickable-elementor allows Stored XSS.This issue affects Make Section & Column Clickable For Elementor: from n/a throu...

CVE-2025-63033

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Riyadh Ahmed Make Section & Column Clickable For Elementor make-section-column-clickable-elementor allows Stored XSS.This issue affects Make Section & Column Clickable For Elementor: from n/a throu...

CVE-2025-63033 WordPress Make Section & Column Clickable For Elementor plugin <= 2.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Riyadh Ahmed Make Section & Column Clickable For Elementor make-section-column-clickable-elementor allows Stored XSS.This issue affects Make Section & Column Clickable For Elementor: from n/a throu...

CVE-2025-63033 WordPress Make Section & Column Clickable For Elementor plugin <= 2.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Riyadh Ahmed Make Section & Column Clickable For Elementor make-section-column-clickable-elementor allows Stored XSS.This issue affects Make Section & Column Clickable For Elementor: from n/a throu...

CVE-2025-63033

CVE-2025-63033 concerns the WordPress plugin Make Section & Column Clickable For Elementor (versions ≤ 2.3). It enables Stored XSS due to improper input neutralization during web page generation. Wordfence’s vulnerability summary indicates patching in the 2.4 release, mitigating the issue; Patchs...

WordPress plugin Make Section Column Clickable For Elementor 跨站脚本漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that provides the ability to set up a personal blog site on a PHP and MySQL based server. A cross-site scripti...

WordPress Make Section & Column Clickable For Elementor plugin <= 2.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Mdr in WordPress Plugin Make Section & Column Clickable For Elementor versions = 2.4...

EUVD-2018-16952

Malware in sbrugna...

EUVD-2019-19324

Malware in sbrugna...

EUVD-2019-2108

Malware in sbrugna...

EUVD-2025-30468

Malicious code in bioql PyPI...

WordPress plugin Interactive Human Anatomy with Clickable Body Parts 跨站脚本漏洞

WordPress and the WordPress plugin are products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blog sites on PHP and MySQL based...