CVE-2025-59416 The Scratch Channel forks can publish articles

The Scratch Channel is a news website. If the user makes a fork, they can change the admins and make an article. Since the API uses a POST request, it will make an article. This issue is fixed in v1.2...

WordPress Neon text Plugin <= 1.1 is vulnerable to Cross Site Scripting (XSS)

Software Neon text Type Plugin Vulnerable versions = 1.1 Fixed in 1.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5817 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3b1607d0a011 Credits Dmitrii Ignatyev Required privileg...

WordPress Mail Queue Plugin <= 1.1 is vulnerable to Cross Site Scripting (XSS)

Software Mail Queue Type Plugin Vulnerable versions = 1.1 Fixed in 1.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-3167 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID fb19b2f489d6 Credits Alex Thomas Required privilege...

WordPress WSB Brands Plugin <= 1.1.8 is vulnerable to Cross Site Scripting (XSS)

Software WSB Brands Type Plugin Vulnerable versions = 1.1.8 Fixed in 1.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-47437 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 8260354667d5 Credits Team WeBoB Required privilege...

Collabtive 1.1 SQL Injection

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ || || || Advisory : Collabtive Sql Injection || || Affected Version : 1.1 || || Vendor : http://collabtive.o-dyn.de/index.php || || Risk : Medium || || CVE-ID : 2013-6872 || || Tested on Platform : Windows 7 ||...