CVE-2025-68867

CVE-2025-68867 affects the WordPress plugin Effect Maker (effect-maker) by anibalwainstein. The issue is authenticated, stored Cross-Site Scripting in Effect Maker

CVE-2025-68867 WordPress Effect Maker plugin <= 1.2.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in anibalwainstein Effect Maker effect-maker allows DOM-Based XSS.This issue affects Effect Maker: from n/a through = 1.2.1...

WordPress plugin Effect Maker 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

PT-2026-1922

Name of the Vulnerable Software and Affected Versions anibalwainstein Effect Maker versions through 1.2.1 Description The software contains a flaw related to improper input handling during web page creation, specifically a DOM-Based Cross-Site Scripting XSS issue. This allows for the potential...

PT-2026-27714

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to HID Human Interface Device and PIDFF Protocol Interface for Force Feedback. The issue involves incorrect clearing of conditional effect bits,...

WordPress Effect Maker plugin <= 1.2.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Jarno Vos jrn5151 in WordPress Plugin Effect Maker versions = 1.2.1...

ASUS Router Authentication Bypass Vulnerability (CNVD-2025-29936)

ASUS Router is a router product and accompanying management application from ASUS, primarily used for wireless connectivity and management of home and business networks. An authentication bypass vulnerability exists in ASUS Router, which stems from an unexpected side effect of Samba functionality...

CVE-2025-59366

An authentication-bypass vulnerability exists in AiCloud. This vulnerability can be triggered by an unintended side effect of the Samba functionality, potentially leading to allow execution of specific functions without proper authorization. Refer to the Security Update for ASUS Router Firmware...

CVE-2025-59366

The CVE-2025-59366 issue affects AiCloud, with a critical authentication bypass caused by an unintended side effect of Samba functionality. PT-2025-48017 lists affected AiCloud versions prior to 3.0.0.4 386/388/0.6 102 and describes the vulnerability as allowing execution of specific router funct...

CVE-2025-59366

An authentication-bypass vulnerability exists in AiCloud. This vulnerability can be triggered by an unintended side effect of the Samba functionality, potentially leading to allow execution of specific functions without proper authorization. Refer to the Security Update for ASUS Router Firmware...

PT-2025-48017

Name of the Vulnerable Software and Affected Versions AiCloud versions prior to 3.0.0.4 386/388/0.6 102 Description An authentication bypass issue exists in AiCloud due to an unintended side effect of the Samba functionality. This allows execution of specific functions without proper authorizatio...

CVE-2025-59840

A cross-site scripting XSS vulnerability has been identified in the Vega visualization library when applications accept user-supplied Vega specifications and expose Vega objects on the global browser window. An attacker can craft a malicious Vega specification that triggers hidden JavaScript...

MAL-2025-177789 Malicious code in polymer-arash-erddg (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b437e88376d79809879ef3d451393ecf6068efbd22ec1ce772272dd11217997 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

CVE-2025-62914

Missing Authorization vulnerability in anibalwainstein Effect Maker effect-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Effect Maker: from n/a through = 1.2.1...

EUVD-2025-38047

Missing Authorization vulnerability in anibalwainstein Effect Maker effect-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Effect Maker: from n/a through = 1.2.1...

CVE-2025-62914

Missing Authorization vulnerability in anibalwainstein Effect Maker effect-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Effect Maker: from n/a through = 1.2.1...

CVE-2025-62914 WordPress Effect Maker plugin <= 1.2.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in anibalwainstein Effect Maker effect-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Effect Maker: from n/a through = 1.2.1...

CVE-2025-62914 WordPress Effect Maker plugin <= 1.2.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in anibalwainstein Effect Maker effect-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Effect Maker: from n/a through = 1.2.1...

CVE-2025-62914

CVE-2025-62914 concerns the WordPress plugin Effect Maker (

WordPress plugin Effect Maker 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...