334 matches found
Malicious code in @zalastax/nolb-dn (npm)
The package @zalastax/nolb-dn was found to contain malicious code...
MAL-2025-11179 Malicious code in @zalastax/nolb-dn (npm)
The package @zalastax/nolb-dn was found to contain malicious code...
MAL-2025-9936 Malicious code in @zalastax/nolb-_dn (npm)
The package @zalastax/nolb-dn was found to contain malicious code...
CVE-2024-11842
The DN Shipping by Weight for WooCommerce WordPress plugin before 1.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2025-32535
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in digireturn DN Shipping by Weight for WooCommerce dn-shipping-by-weight allows Reflected XSS.This issue affects DN Shipping by Weight for WooCommerce: from n/a through = 1.2...
CVE-2025-32535
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in digireturn DN Shipping by Weight for WooCommerce dn-shipping-by-weight allows Reflected XSS.This issue affects DN Shipping by Weight for WooCommerce: from n/a through = 1.2...
CVE-2025-32535 WordPress DN Shipping by Weight for WooCommerce Plugin <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in digireturn DN Shipping by Weight for WooCommerce allows Reflected XSS. This issue affects DN Shipping by Weight for WooCommerce: from n/a through 1.2...
CVE-2025-32535
CVE-2025-32535 describes a Reflected XSS in the WordPress plugin Shipping by Weight for WooCommerce (DN Shipping by Weight). Affected versions include up to 1.2; attack vector is network-based with user interaction (REFLECTED XSS). The CVE’s base metrics indicate a HIGH impact on confidentiality,...
PT-2025-17106 · Woocommerce · Dn Shipping By Weight For Woocommerce
Name of the Vulnerable Software and Affected Versions: DN Shipping by Weight for WooCommerce versions 1.2 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means an...
389-ds-base: null pointer dereference leads to denial of service
A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when the function return value is not tested and a NULL pointer is dereferenced. If a privileged user performs a ldap MODDN operation after a failed operation, it...
389-ds-base: null pointer dereference leads to denial of service
A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when the function return value is not tested and a NULL pointer is dereferenced. If a privileged user performs a ldap MODDN operation after a failed operation, it...
CVE-2025-31839
Cross-Site Request Forgery CSRF vulnerability in digireturn DN Footer Contacts dn-footer-contacts allows Cross Site Request Forgery.This issue affects DN Footer Contacts: from n/a through = 1.8.1...
CVE-2025-31839
Cross-Site Request Forgery CSRF vulnerability in digireturn DN Footer Contacts dn-footer-contacts allows Cross Site Request Forgery.This issue affects DN Footer Contacts: from n/a through = 1.8.1...
WordPress plugin DN Footer Contacts 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
SUSE CVE-2025-2487
A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when the function return value is not tested and a NULL pointer is dereferenced. If a privileged user performs a ldap MODDN operation after a failed operation, it...
CVE-2025-2487
A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when the function return value is not tested and a NULL pointer is dereferenced. If a privileged user performs a ldap MODDN operation after a failed operation, it...
CVE-2025-2487
A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when the function return value is not tested and a NULL pointer is dereferenced. If a privileged user performs a ldap MODDN operation after a failed operation, it...
CVE-2025-2487
CVE-2025-2487 affects the 389-ds-base LDAP server. The vulnerability stems from a path where a Modify DN (MODDN) operation can trigger a NULL pointer dereference when the operation sequence follows a failed operation, allowing a privileged, unauthenticated or authenticated user to cause a Denial ...
PT-2025-11631
Name of the Vulnerable Software and Affected Versions 389-ds-base LDAP Server affected versions not specified Description A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when the function return value is not...
CVE-2025-23753
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in digireturn DN Sitemap Control dn-sitemap-control allows Reflected XSS.This issue affects DN Sitemap Control: from n/a through = 1.0.6...