CLEANSTART-2026-RI97043 attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing

Multiple security vulnerabilities affect the prometheus-mysqld-exporter package. An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing. See references for individual vulnerability details...

CVE-2023-45046

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Pressference Pressference Exporter allows SQL Injection.This issue affects Pressference Exporter: from n/a through 1.0.3...

EUVD-2025-35997

Missing Authorization vulnerability in Mark O'Donnell MSTW CSV EXPORTER mstw-csv-exporter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MSTW CSV EXPORTER: from n/a through = 1.4...

CVE-2025-53424

The CVE-2025-53424 entry describes a Missing Authorization vulnerability in the vanquish WordPress plugin WooCommerce Orders & Customers Exporter (woocommerce-orders-ei) that allows exploitation of incorrectly configured access control. Affected product: WooCommerce Orders & Customers Exporter ve...

PT-2025-34797 · Ipfire · Ipfire

Name of the Vulnerable Software and Affected Versions: IPFire version 2.29 Description: The Calamaris log exporter CGI script /cgi-bin/logs.cgi/calamaris.dat does not properly sanitize user-supplied input before using it in shell commands. This allows a remote, unauthenticated attacker to inject...

CVE-2025-48331 WordPress WooCommerce Orders & Customers Exporter <= 5.0 - Sensitive Data Exposure Vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Vanquish WooCommerce Orders & Customers Exporter allows Retrieve Embedded Sensitive Data.This issue affects WooCommerce Orders & Customers Exporter: from n/a through 5.0...

CVE-2025-24611

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Smackcoders Inc., WP Ultimate Exporter wp-ultimate-exporter allows Absolute Path Traversal.This issue affects WP Ultimate Exporter: from n/a through = 2.9...

CVE-2025-24611

CVE-2025-24611 : Path traversal vulnerability in Smackcoders WP Ultimate Exporter (affected: versions n/a through 2.9) allows Absolute Path Traversal due to improper pathname restriction. This can enable arbitrary file reads from the server. Root cause is failure to correctly constrain paths to r...

Fedora 40 : prometheus-podman-exporter (2024-f2a4ffc1ff)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-f2a4ffc1ff advisory. release v1.14.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

WordPress plugin Widget Settings Importer/Exporter security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...