11472 matches found
CVE-2026-39536
The CVE-2026-39536 entry concerns the WordPress plugin WP Chill RSVP and Event Management (rsvp) versions
CVE-2026-39536 WordPress RSVP and Event Management plugin <= 2.7.16 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WP Chill RSVP and Event Management rsvp allows Retrieve Embedded Sensitive Data.This issue affects RSVP and Event Management: from n/a through = 2.7.16...
CVE-2026-39473
Insertion of Sensitive Information Into Sent Data vulnerability in Pär Thernström Simple History simple-history allows Retrieve Embedded Sensitive Data.This issue affects Simple History: from n/a through = 5.24.0...
CVE-2026-39473 WordPress Simple History plugin <= 5.24.0 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in Pär Thernström Simple History simple-history allows Retrieve Embedded Sensitive Data.This issue affects Simple History: from n/a through = 5.24.0...
CVE-2026-39473
The CVE describes a vulnerability in the WordPress Simple History plugin (versions up to and including 5.24.0) where sensitive information can be retrieved due to insertion of sensitive data into sent data. The issue is identified as a data exposure affecting Simple History, with a cryptic root c...
CVE-2026-39469
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Softaculous PageLayer pagelayer allows Retrieve Embedded Sensitive Data.This issue affects PageLayer: from n/a through = 2.0.8...
Embedded Malicious Code
Overview @fairwords/loopback-connector-es is a Basic Elasticsearch datasource connector for Loopback. Affected versions of this package are vulnerable to Embedded Malicious Code that mirrors the TeamPCP LiteLLM technique. What the postinstall payload does: - Harvests environment variables matchin...
[SECURITY] Fedora 43 Update: rauc-1.15.2-1.fc43
RAUC is a lightweight update client that runs on your Embedded Linux device and reliably controls the procedure of updating your device with a new firmwa re revision. RAUC is also the tool on your host system that lets you create, inspect and modify update artifacts for your device. Service is no...
PT-2026-31271
Name of the Vulnerable Software and Affected Versions The Tribal versions n/a through 1.3.4 Description The Tribal plugin contains a flaw that allows retrieval of embedded sensitive data due to insertion of sensitive information into sent data. Recommendations Update The Tribal to a version great...
WordPress plugin PageLayer 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
PT-2026-31248
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in bannersky BSK PDF Manager bsk-pdf-manager allows Retrieve Embedded Sensitive Data.This issue affects BSK PDF Manager: from n/a through = 3.7.2...
PT-2026-31149
Insertion of Sensitive Information Into Sent Data vulnerability in Doofinder Doofinder for WooCommerce doofinder-for-woocommerce allows Retrieve Embedded Sensitive Data.This issue affects Doofinder for WooCommerce: from n/a through = 2.10.13...
PT-2026-31273
Name of the Vulnerable Software and Affected Versions RT-Theme 18 | Extensions versions through 2.5 Description An issue exists in RT-Theme 18 | Extensions that allows retrieval of embedded sensitive data due to insertion of sensitive information into sent data. Recommendations Update RT-Theme 18...
PT-2026-31155
Insertion of Sensitive Information Into Sent Data vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Retrieve Embedded Sensitive Data.This issue affects Sunshine Photo Cart: from n/a through 3.6.2...
WordPress plugin Bus Ticket Booking with Seat Reservation 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There wa...
PT-2026-31161
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in magepeopleteam Bus Ticket Booking with Seat Reservation bus-ticket-booking-with-seat-reservation allows Retrieve Embedded Sensitive Data.This issue affects Bus Ticket Booking with Seat Reservation: from n/...
PT-2026-31116
Insertion of Sensitive Information Into Sent Data vulnerability in Pär Thernström Simple History simple-history allows Retrieve Embedded Sensitive Data.This issue affects Simple History: from n/a through = 5.24.0...
PT-2026-31164
Insertion of Sensitive Information Into Sent Data vulnerability in Ateeq Rafeeq RepairBuddy computer-repair-shop allows Retrieve Embedded Sensitive Data.This issue affects RepairBuddy: from n/a through = 4.1132...
Embedded Malicious Code
Overview @velora-dex/sdk is a SDK for the Velora API Affected versions of this package are vulnerable to Embedded Malicious Code that delivers a malicious payload through dist/index.js. An attacker uploaded a compromised version of the package directly to the npm registry. The payload runs a...
Node.js: Embedded-nul hostnames can lead to silent authority rebinding due to c-string truncation in resolver bindings
Vulnerability description not provided...