16 matches found
EUVD-2026-40937
The Slim SEO – A Fast & Automated SEO Plugin For WordPress plugin for WordPress is vulnerable to Unauthorized Private Content Disclosure in all versions up to, and including, 4.9.8 via the /wp-json/slim-seo/meta-tags/ai REST API endpoint. This is due to the endpoint's permissioncallback performin...
CVE-2026-1320
The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'X-Forwarded-For' HTTP header in all versions up to, and including, 4.9.8 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2026-1320
The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'X-Forwarded-For' HTTP header in all versions up to, and including, 4.9.8 due to insufficient input sanitization and output escaping. This makes it possible for...
PT-2026-7848
The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'X-Forwarded-For' HTTP header in all versions up to, and including, 4.9.8 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2022-49899
creationtimestamp| type| source ---|---|--- 2025-12-03 14:14:49+00:00| seen| https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8...
CVE-2025-62935 WordPress Open Close WooCommerce Store plugin <= 5.0.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in StackWC Open Close WooCommerce Store woc-open-close allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Open Close WooCommerce Store: from n/a through = 5.0.0...
CVE-2022-34982
The eziod package in PyPI before v0.0.1 included a code execution backdoor inserted by a third party...
CVE-2022-49866 net: wwan: mhi: fix memory leak in mhi_mbim_dellink
In the Linux kernel, the following vulnerability has been resolved: net: wwan: mhi: fix memory leak in mhimbimdellink MHI driver registers network device without setting the needsfreenetdev flag, and does NOT call freenetdev when unregisters network device, which causes a memory leak. This patch...
CVE-2022-49850
CVE-2022-49850 affects the Linux kernel nilfs2 subsystem. A semaphore deadlock can occur when nilfs_get_block() detects metadata corruption during data-block allocation and a concurrent superblock writeback happens. The root cause involves a lock order: rwsem A (NILFS_MDT dat_inode mi_sem) read l...
CVE-2022-49805 net: lan966x: Fix potential null-ptr-deref in lan966x_stats_init()
In the Linux kernel, the following vulnerability has been resolved: net: lan966x: Fix potential null-ptr-deref in lan966xstatsinit lan966xstatsinit calls createsinglethreadworkqueue and not checked the ret value, which may return NULL. And a null-ptr-deref may happen: lan966xstatsinit...
Linux Distros Unpatched Vulnerability : CVE-2022-49498
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Check for null pointer of pointer substream before dereferencing it Pointer...
WordPress plugin Newsletters 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Newsletters plugin <= 4.9.8 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Newsletters versions = 4.9.8...
CVE-2023-39805
creationtimestamp| type| source ---|---|--- 2023-08-11 00:16:11+00:00| seen| https://t.me/cibsecurity/68257...
SUSE CVE-2022-23807
An issue was discovered in phpMyAdmin 4.9 before 4.9.8 and 5.1 before 5.1.2. A valid user who is already authenticated to phpMyAdmin can manipulate their account to bypass two-factor authentication for future login instances...
Katy Voor HHVM 缓冲区错误漏洞
Katy Voor HHVM is an open source application by Katy Voor. Provides an open source virtual machine designed to execute programs written in Hack. A security vulnerability exists in HHVM that stems from a write out-of-bounds if a buffer is full. The following products and versions are affected: HHV...