84 matches found
CVE-2024-37496
CVE-2024-37496 concerns the WordPress Metro Magazine theme (
CVE-2026-3488
The WP Statistics plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 14.16.4. This is due to missing capability checks on multiple AJAX handlers including wpstatisticsgetfilters, wpstatisticsgetPrivacyStatus, wpstatisticsupdatePrivacyStatus, and...
CVE-2026-34772
A flaw was found in Electron, a framework used for developing cross-platform desktop applications. This vulnerability, known as a use-after-free, affects applications that manage downloads and actively terminate user sessions. It occurs when a user dismisses a file save dialog while the applicati...
CVE-2026-1277
The URL Shortify plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 1.12.1 due to insufficient validation on the 'redirectto' parameter in the promotional dismissal handler. This makes it possible for unauthenticated attackers to redirect users to potentiall...
CVE-2026-1277
The URL Shortify plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 1.12.1 due to insufficient validation on the 'redirectto' parameter in the promotional dismissal handler. This makes it possible for unauthenticated attackers to redirect users to potentiall...
CVE-2026-1277
The URL Shortify plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 1.12.1 due to insufficient validation on the 'redirectto' parameter in the promotional dismissal handler. This makes it possible for unauthenticated attackers to redirect users to potentiall...
CVE-2026-24985
The CVE-2026-24985 entry describes a Missing Authorization/Broken Access Control vulnerability in the approveme WP Forms Signature Contract Add-On for WordPress, affecting versions up to and including 1.8.2. The issue stems from incorrectly configured access control security levels, enabling unau...
CVE-2026-24985 WordPress WP Forms Signature Contract Add-On plugin <= 1.8.2 - Broken Access Control to Notice Dismissal vulnerability
Missing Authorization vulnerability in approveme WP Forms Signature Contract Add-On wp-forms-signature-contract-add-on allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Forms Signature Contract Add-On: from n/a through = 1.8.2...
CVE-2026-24985 WordPress WP Forms Signature Contract Add-On plugin <= 1.8.2 - Broken Access Control to Notice Dismissal vulnerability
Missing Authorization vulnerability in approveme WP Forms Signature Contract Add-On wp-forms-signature-contract-add-on allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Forms Signature Contract Add-On: from n/a through = 1.8.2...
WordPress WP Forms Signature Contract Add-On plugin <= 1.8.2 - Broken Access Control to Notice Dismissal vulnerability
Broken Access Control to Notice Dismissal vulnerability discovered by Nabil Irawan in WordPress Plugin WP Forms Signature Contract Add-On versions = 1.8.2...
SEC Drops SolarWinds Case After Years of High-Stakes Cybersecurity Scrutiny
The U.S. Securities and Exchange Commission SEC has abandoned its lawsuit against SolarWinds and its chief information security officer, alleging that the company had misled investors about the security practices that led to the 2020 supply chain attack. In a joint motion filed November 20, 2025,...
CVE-2025-64294 WordPress WP Snow Effect plugin <= 1.1.19 - Broken Access Control vulnerability
Missing Authorization vulnerability in d3wp WP Snow Effect wp-snow-effect allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Snow Effect: from n/a through = 1.1.19...
CVE-2025-64294
CVE-2025-64294 – WordPress WP Snow Effect : The WP Snow Effect plugin (d3wp) versions up to and including 1.1.15 suffer a Missing Authorization vulnerability where a user can access functionality not properly constrained by ACLs. The issue is described as missing authorization to access restricte...
CVE-2025-64296 WordPress Facebook for WooCommerce plugin <= 3.5.7 - Broken Access Control to Notice Dismissal vulnerability
Missing Authorization vulnerability in Facebook Facebook for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Facebook for WooCommerce: from n/a through 3.5.7...
CVE-2025-64296 WordPress Facebook for WooCommerce plugin <= 3.5.7 - Broken Access Control to Notice Dismissal vulnerability
Missing Authorization vulnerability in Facebook Facebook for WooCommerce facebook-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Facebook for WooCommerce: from n/a through = 3.5.7...
EUVD-2009-0958
Malware in sbrugna...
EUVD-2023-38334
Malicious code in bioql PyPI...
EUVD-2022-46481
Malicious code in bioql PyPI...
EUVD-2023-59672
Malicious code in bioql PyPI...
EUVD-2021-3604
Malicious code in bioql PyPI...