CVE-2026-11877

An unauthorized user can modify configuration through API calls that affects the OpenText Access Manager. This issue affects Access Manager before 5.1.3...

EUVD-2026-36849

Unauthenticated Cross Site Scripting XSS in MW WP Form = 5.1.3 versions...

PT-2026-49479

Unauthenticated Cross Site Scripting XSS in MW WP Form = 5.1.3 versions...

CVE-2026-5513

creationtimestamp| type| source ---|---|--- 2026-06-13 18:01:43+00:00| seen| https://bsky.app/profile/pulse-wp.com/post/3mo6tilwrx22o 2026-06-14 06:01:57+00:00| seen| https://infosec.exchange/users/offseq/statuses/116746932965862347 2026-06-14 06:02:36+00:00| seen|...

PT-2026-48393

The MW WP Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'memo' parameter in all versions up to, and including, 5.1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level access and above,...

WordPress MW WP Form plugin <= 5.1.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by VanTastic in WordPress Plugin MW WP Form versions = 5.1.3...

EUVD-2025-208289

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the goform/formDeviceReboot...

CVE-2026-24732

Files or Directories Accessible to External Parties, Incorrect Permission Assignment for Critical Resource vulnerability in Hallo Welt! GmbH BlueSpice Extension:NSFileRepo modules allows Accessing Functionality Not Properly Constrained by ACLs, Bypassing Electronic Locks and Access Controls.This...

PT-2025-44712

Name of the Vulnerable Software and Affected Versions Employee Spotlight – Team Member Showcase & Meet the Team Plugin versions prior to 5.1.3 Description The Employee Spotlight – Team Member Showcase & Meet the Team Plugin for WordPress is susceptible to Stored Cross-Site Scripting through Socia...

novel-plus 安全漏洞

novel-plus is a novel reading software by xxy individual developer. A security vulnerability exists in novel-plus 5.1.3 and earlier versions, which stems from the mishandling of the parameter sort/order in the user management module, which may lead to an SQL injection attack...

novel-plus 安全漏洞

novel-plus is a novel reading software by xxy individual developer. A security vulnerability exists in novel-plus version 5.1.3 and earlier, which stems from a misbehavior of the function ajaxLogin that results in authentication bypass...

WordPress plugin Bold Page Builder 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

ESP-IDF 安全漏洞

ESP-IDF is an open source development framework for Espressif SoCs supported on Windows, Linux and macOS by Espressif Systems. ESP-IDF has a security vulnerability that stems from the presence of a TOCTOU vulnerability. The vulnerability allows an attacker with physical access to the device's fla...

Silverstripe CMS GraphQL Server Security Vulnerability

Silverstripe CMS GraphQL Server is a tool that makes SilverStripe data available as a GraphQL representation. A security vulnerability exists in Silverstripe CMS GraphQL Server versions 4.x prior to 4.3.7 and 5.x prior to 5.1.3, which stems from the ability to bypass privilege checks...

VulnCheck KEV: CVE-2023-7102

Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic...

CVE-2023-50369

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alma Alma – Pay in installments or later for WooCommerce allows Stored XSS.This issue affects Alma – Pay in installments or later for WooCommerce: from n/a through 5.1.3...

SUSE-SU-2023:3778-1 Security update for wireshark

This update for wireshark fixes the following issues: - Wireshark update to v3.6.16. - CVE-2023-4512: Fixed a bug in CBOR dissector which could lead to crash. bsc1214561 - CVE-2023-4511: Fixed a bug in BT SDP dissector which could lead to an infinite loop. bsc1214560 - CVE-2023-4513: Fixed a bug ...

SUSE CVE-2006-3018

Unspecified vulnerability in the session extension functionality in PHP before 5.1.3 has unknown impact and attack vectors related to heap corruption...

SUSE CVE-2018-2842

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are Prior to 5.1.36 and Prior to 5.2.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBo...

CVE-2022-4346

The All-In-One Security AIOS WordPress plugin before 5.1.3 leaked settings of the plugin publicly, including the used email address...