597 matches found
PT-2026-21488
Name of the Vulnerable Software and Affected Versions higuma web-audio-recorder-js versions 0.1 and 0.1.1 Description A flaw exists in the extend function within the lib/WebAudioRecorder.js library, specifically in the Dynamic Config Handling component. This allows for improper modification of...
CVE-2026-25310
Server-Side Request Forgery SSRF vulnerability in Alobaidi Extend Link extend-link allows Server Side Request Forgery.This issue affects Extend Link: from n/a through = 2.0.0...
Adapt, Protect, and Extend: How Partners Can Help Orgs Unlock ROI from AI
...
CVE-2026-25310
Server-Side Request Forgery SSRF vulnerability in Alobaidi Extend Link extend-link allows Server Side Request Forgery.This issue affects Extend Link: from n/a through = 2.0.0...
CVE-2026-25310
CVE-2026-25310: A SSRF vulnerability in the WordPress Extend Link plugin (extend-link) affects versions from n/a up to and including 2.0.0. The issue arises from extend-link allowing SSRF; CVSS 3.1 base score 4.9 (NETWORK, HIGH complexity, LOW privileges). Impact: confidentiality and integrity ma...
CVE-2026-25310 WordPress Extend Link plugin <= 2.0.0 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery SSRF vulnerability in Alobaidi Extend Link extend-link allows Server Side Request Forgery.This issue affects Extend Link: from n/a through = 2.0.0...
CVE-2026-25310
Server-Side Request Forgery SSRF vulnerability in Alobaidi Extend Link extend-link allows Server Side Request Forgery.This issue affects Extend Link: from n/a through = 2.0.0...
CVE-2026-25310 WordPress Extend Link plugin <= 2.0.0 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery SSRF vulnerability in Alobaidi Extend Link extend-link allows Server Side Request Forgery.This issue affects Extend Link: from n/a through = 2.0.0...
CVE-2026-1646 Advance Block Extend <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via TitleColor Block Attribute
The Advance Block Extend plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the TitleColor block attribute in the Latest Posts Gutenberg block in all versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2026-1646 Advance Block Extend <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via TitleColor Block Attribute
The Advance Block Extend plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the TitleColor block attribute in the Latest Posts Gutenberg block in all versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2026-1646
CVE-2026-1646 affects the Advance Block Extend WordPress plugin (versions up to and including 1.0.4). The issue is a Stored Cross-Site Scripting (XSS) in the TitleColor attribute of the Latest Posts Gutenberg block, caused by insufficient input sanitization and output escaping. Exploitation requi...
WordPress plugin Advance Block Extend 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress plugin Extend Link 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
PT-2026-20682
Server-Side Request Forgery SSRF vulnerability in Alobaidi Extend Link extend-link allows Server Side Request Forgery.This issue affects Extend Link: from n/a through = 2.0.0...
WordPress Advance Block Extend plugin <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via TitleColor Block Attribute vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via TitleColor Block Attribute vulnerability discovered by WordFence in WordPress Plugin Advance Block Extend versions = 1.0.4...
EUVD-2026-4851
Maker.js has Unsafe Property Copying in makerjs.extendObject...
WordPress Extend Link plugin <= 2.0.0 - Server Side Request Forgery (SSRF) vulnerability
Server Side Request Forgery SSRF vulnerability discovered by theviper17 in WordPress Plugin Extend Link versions = 2.0.0...
MiracleLinux 7 : net-snmp-5.7.2-49.el7.1 (AXSA:2020-977:08)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-977:08 advisory. net-snmp: Improper Privilege Management in EXTEND MIB may lead to privileged commands execution CVE-2020-15862 Tenable has extracted the preceding description...
LoongArch: BPF: Sign extend kfunc call arguments
...
SUSE CVE-2018-3750
The utilities function in all versions = 0.5.0 of the deep-extend node module can be tricked into modifying the prototype of Object when the attacker can control part of the structure passed to this function. This can let an attacker add or modify existing properties that will exist on all object...