WordPress Broken Link Checker plugin <= 2.4.4 - Missing Autorization to Authenticated (Subscriber+) Plugin Status Dashboard View vulnerability

Missing Autorization to Authenticated Subscriber+ Plugin Status Dashboard View vulnerability discovered by Nguyễn Trung Kiên in WordPress Plugin Broken Link Checker versions = 2.4.4...

CVE-2025-48068 Information exposure in Next.js dev server due to lack of origin verification

Next.js is a React framework for building full-stack web applications. In versions starting from 13.0 to before 14.2.30 and 15.0.0 to before 15.2.2, Next.js may have allowed limited source code exposure when the dev server was running with the App Router enabled. The vulnerability only affects...

VulnCheck KEV: CVE-2025-31125

Vite Vitejs contains an improper access control vulnerability that exposes content of non-allowed files using ?inline&import or ?raw?import. Only apps explicitly exposing the Vite dev server to the network using --host or server.host config option are affected...

Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.21.0 release

Red Hat OpenShift Dev Spaces 3.21 has been released. All containers have been updated to include feature enhancements, bug fixes and CVE fixes. Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in...

Debian dla-4184 : libyelp-dev - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4184 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4184-1 [email protected] https://www.debian.org/lts/security/...

SUSE CVE-2025-46836

net-tools is a collection of programs that form the base set of the NET-3 networking distribution for the Linux operating system. Inn versions up to and including 2.10, the Linux network utilities like ifconfig from the net-tools package do not properly validate the structure of /proc files when...

CVE-2025-22744

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Seodev S-DEV SEO s-dev-seo allows Stored XSS.This issue affects S-DEV SEO: from n/a through = 1.88...

CVE-2024-25592

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPMU DEV Broken Link Checker allows Stored XSS.This issue affects Broken Link Checker: from n/a through 2.2.3...

CVE-2024-0321

Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV...

CVE-2024-25595

Authentication Bypass by Spoofing vulnerability in WPMU DEV Defender Security allows Functionality Bypass.This issue affects Defender Security: from n/a through 4.4.1...

CVE-2024-32792

Missing Authorization vulnerability in WPMU DEV - Your All-in-One WordPress Platform Hummingbird hummingbird-performance.This issue affects Hummingbird: from n/a through = 3.7.3...

CVE-2024-37239

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPMU DEV - Your All-in-One WordPress Platform Branda branda-white-labeling.This issue affects Branda: from n/a through = 3.4.17...

CVE-2024-43117

Cross-Site Request Forgery CSRF vulnerability in WPMU DEV - Your All-in-One WordPress Platform Hummingbird hummingbird-performance.This issue affects Hummingbird: from n/a through = 3.9.1...

CVE-2024-43118

Missing Authorization vulnerability in WPMU DEV - Your All-in-One WordPress Platform Hummingbird hummingbird-performance.This issue affects Hummingbird: from n/a through = 3.9.1...

CVE-2024-37444

Missing Authorization vulnerability in WPMU DEV - Your All-in-One WordPress Platform Defender Security defender-security.This issue affects Defender Security: from n/a through = 4.7.1...

CVE-2023-3348

The Wrangler command line tool [email protected] or [email protected] was affected by a directory traversal vulnerability when running a local development server for Pages wrangler pages dev command. This vulnerability enabled an attacker in the same network as the victim to connect to the local...

CVE-2023-41863

Unauth. Stored Cross-Site Scripting XSS vulnerability in Pepro Dev. Group PeproDev CF7 Database plugin = 1.7.0 versions...

CVE-2023-51490

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WPMU DEV Defender Security – Malware Scanner, Login Security & Firewall.This issue affects Defender Security – Malware Scanner, Login Security & Firewall: from n/a through 4.1.0...

CVE-2023-46621

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Enej Bajgoric / Gagan Sandhu / CTLT DEV User Avatar plugin = 1.4.11 versions...

CVE-2023-5595

Denial of Service in GitHub repository gpac/gpac prior to 2.3.0-DEV...