WordPress Download Monitor plugin <= 5.1.9 - Non-Arbitrary File Download vulnerability

Non-Arbitrary File Download vulnerability discovered by daroo in WordPress Plugin Download Monitor versions = 5.1.9...

CVE-2026-32354

Insertion of Sensitive Information Into Sent Data vulnerability in magepeopleteam WpEvently mage-eventpress allows Retrieve Embedded Sensitive Data.This issue affects WpEvently: from n/a through 5.1.9...

PT-2026-7578

A path traversal vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File Station 5...

WordPress plugin Userpro 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

CVE-2022-25196

Jenkins GitLab Authentication Plugin 1.13 and earlier records the HTTP Referer header as part of the URL query parameters when the authentication process starts, allowing attackers with access to Jenkins to craft a URL that will redirect users to an attacker-specified URL after logging in...

PT-2025-1970 · WordPress · Adforest

Name of the Vulnerable Software and Affected Versions: AdForest theme for WordPress versions up to, and including, 5.1.8 Description: The AdForest theme for WordPress is vulnerable to authentication bypass due to the plugin not properly verifying a user's identity prior to logging them in as that...

WordPress plugin Userpro 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

CVE-2024-42464

Authorization Bypass Through User-Controlled Key vulnerability in upKeeper Solutions product upKeeper Manager allows Utilizing REST's Trust in the System Resource to Obtain Sensitive Data.This issue affects upKeeper Manager: through 5.1.9...

upKeeper 安全漏洞

upKeeper is a cloud-based or local solution from upKeeper, Inc. A security vulnerability exists in upKeeper version 5.1.9 and prior versions that stems from the presence of an incorrect authentication vulnerability that allows bypassing authentication...

SUSE CVE-2018-1000845

DO NOT USE THIS CANDIDATE NUMBER. ConsultID: CVE-2017-6519. Reason: This candidate is a duplicate of CVE-2017-6519. Notes: All CVE users should reference CVE-2017-6519 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage...