177 matches found
CVE-2026-41714 In Spring AMQP the RabbitConnectionFactoryBean.setUri("amqps://...") bypasses secure SSL setup, uses TrustEverythingTrustManager
Applications that configure their broker connection via RabbitConnectionFactoryBean.setUri"amqps://..." without also calling setUseSSLtrue get TLS encryption with no certificate validation and no hostname verification. Affected versions: Spring AMQP 4.0.0 through 4.0.3; 3.2.0 through 3.2.10; 3.1....
Malicious code in kyxserver-everything (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7be104f8e720927f9b7ea1bb3d036db80ffa6b65c8b7f0a6c8af29d1d4631f43 The package kyxserver-everything was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1955 Malicious code in kyxserver-everything (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7be104f8e720927f9b7ea1bb3d036db80ffa6b65c8b7f0a6c8af29d1d4631f43 The package kyxserver-everything was found to contain malicious code. Source: ghsa-malware...
Comparison of Credential Management Systems Based on the Standards of IEEE, ETSI, and YD/T 3957-2021
As V2X Vehicle-to-Everything technology becomes increasingly prevalent, the security of V2X networks has garnered growing attention worldwide. In North America, the IEEE 1609 series standards are primarily used, while Europe adopts the ETSI series standards, and China has also established its...
CVE-2026-27057
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Filter Everything penci-filter-everything allows Stored XSS.This issue affects Penci Filter Everything: from n/a through = 1.7...
CVE-2026-27057
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Filter Everything penci-filter-everything allows Stored XSS.This issue affects Penci Filter Everything: from n/a through = 1.7...
CVE-2026-27057
CVE-2026-27057 concerns the WordPress plugin Penci Filter Everything by PenciDesign (versions
CVE-2026-27057
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Filter Everything penci-filter-everything allows Stored XSS.This issue affects Penci Filter Everything: from n/a through = 1.7...
CVE-2026-27057 WordPress Penci Filter Everything plugin <= 1.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Filter Everything penci-filter-everything allows Stored XSS.This issue affects Penci Filter Everything: from n/a through = 1.7...
PT-2026-20763
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Filter Everything penci-filter-everything allows Stored XSS.This issue affects Penci Filter Everything: from n/a through = 1.7...
CVE-2026-24371
Missing Authorization vulnerability in bookingalgorithms BA Book Everything ba-book-everything allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BA Book Everything: from n/a through = 1.8.16...
CVE-2026-24371
Missing Authorization vulnerability in bookingalgorithms BA Book Everything ba-book-everything allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BA Book Everything: from n/a through = 1.8.16...
CVE-2026-24371 WordPress BA Book Everything plugin <= 1.8.16 - Broken Access Control vulnerability
Missing Authorization vulnerability in bookingalgorithms BA Book Everything ba-book-everything allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BA Book Everything: from n/a through = 1.8.16...
CVE-2026-24371
Missing Authorization vulnerability in bookingalgorithms BA Book Everything ba-book-everything allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BA Book Everything: from n/a through = 1.8.16...
CVE-2026-24371 WordPress BA Book Everything plugin <= 1.8.16 - Broken Access Control vulnerability
Missing Authorization vulnerability in bookingalgorithms BA Book Everything ba-book-everything allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BA Book Everything: from n/a through = 1.8.16...
CVE-2026-24371
CVE-2026-24371 is a Missing Authorization (Broken Access Control) vulnerability in the WordPress plugin BA Book Everything (ba-book-everything) affecting versions up to 1.8.16. The RedHat/NVD entries describe an access-control weakness allowing exploitation via misconfigured security levels. The ...
WordPress plugin BA Book Everything security vulnerabilities
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
WordPress Penci Filter Everything plugin <= 1.7 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Penci Filter Everything versions = 1.7...
WordPress BA Book Everything plugin <= 1.8.16 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin BA Book Everything versions = 1.8.16...
EUVD-2025-204470
The BA Book Everything plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's babe-search-form shortcode in all versions up to, and including, 1.8.14 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...