5232 matches found
EUVD-2026-4528
Malicious code in domino-elements npm...
Malicious code in domino-elements (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d29d322166d012b639664f1711c5c9ca4353508a8ffa2e48eb5b7b14bbda296 The package domino-elements was found to contain malicious code...
MAL-2026-478 Malicious code in domino-elements (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d29d322166d012b639664f1711c5c9ca4353508a8ffa2e48eb5b7b14bbda296 The package domino-elements was found to contain malicious code...
WordPress plugin Neoforum security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. Versions of...
CVE-2026-23978
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Softwebmedia Gyan Elements gyan-elements allows PHP Local File Inclusion.This issue affects Gyan Elements: from n/a through = 2.2.1...
CVE-2025-63026
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Grand Restaurant Theme Elements for Elementor grandrestaurant-elementor allows Stored XSS.This issue affects Grand Restaurant Theme Elements for Elementor: from n/a through = 2.1.1...
CVE-2026-23978
CVE-2026-23978 affects the WordPress plugin Gyan Elements (gyan-elements) up to version 2.2.1. It is a Local File Inclusion via improper control of the filename in include/require statements, exploitable by an authenticated contributor+. CVSS v3.1 base score 7.5 (HIGH); impact on confidentiality,...
CVE-2026-23978 WordPress Gyan Elements plugin <= 2.2.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Softwebmedia Gyan Elements gyan-elements allows PHP Local File Inclusion.This issue affects Gyan Elements: from n/a through = 2.2.1...
CVE-2026-23978
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Softwebmedia Gyan Elements gyan-elements allows PHP Local File Inclusion.This issue affects Gyan Elements: from n/a through = 2.2.1...
CVE-2026-23978 WordPress Gyan Elements plugin <= 2.2.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Softwebmedia Gyan Elements gyan-elements allows PHP Local File Inclusion.This issue affects Gyan Elements: from n/a through = 2.2.1...
CVE-2025-63026 WordPress Grand Restaurant Theme Elements for Elementor plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Grand Restaurant Theme Elements for Elementor grandrestaurant-elementor allows Stored XSS.This issue affects Grand Restaurant Theme Elements for Elementor: from n/a through = 2.1.1...
CVE-2025-63026
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Grand Restaurant Theme Elements for Elementor grandrestaurant-elementor allows Stored XSS.This issue affects Grand Restaurant Theme Elements for Elementor: from n/a through = 2.1.1...
USN-7974-1 libxml2 vulnerabilities
It was discovered that libxml2 incorrectly handled maliciously crafted SGML catalog files. An attacker could possibly use this issue to cause libxml2 to consume excessive resources, leading to a denial of service. CVE-2025-8732 It was discovered that libxml2 incorrectly handled recursive include...
PT-2026-4248
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Softwebmedia Gyan Elements gyan-elements allows PHP Local File Inclusion.This issue affects Gyan Elements: from n/a through = 2.2.1...
WordPress plugin Gyan Elements has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
PT-2026-4001
Name of the Vulnerable Software and Affected Versions ThemeGoods Grand Restaurant Theme Elements for Elementor versions through 2.1.1 Description The software contains a flaw related to improper input handling during web page generation, which can lead to Cross-site Scripting XSS. This allows for...
WordPress plugin CleverReach has a SQL injection vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
Aida Hotel Guest Hotspot security vulnerability
Aida Hotel Guest Hotspot is a hotel WiFi system developed by the Turkish company Aida. Versions of Aida Hotel Guest Hotspot prior to 22012026 contained a security vulnerability caused by improper handling of special elements, which could lead to SQL injection attacks...
Medium: python
Issue Overview: When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building excessively nested documents. CVE-2025-12084 Affected Packages: python Note: This advisory ...
MiracleLinux 7 : firefox-128.5.1-1.0.1.el7.AXS7 (AXSA:2024-9409:41)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-9409:41 advisory. firefox: thunderbird: CSP Bypass and XSS Exposure via Web Compatibility Shims CVE-2024-11694 firefox: thunderbird: Unhandled Exception in Add-on...