7 matches found
CVE-2026-40776 WordPress Eventin plugin <= 4.1.8 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in WP Event SOlution = 4.1.8 versions...
CVE-2026-22242 CoreShop Vulnerable to SQL Injection via Admin Reports
CoreShop is a Pimcore enhanced eCommerce solution. Prior to version 4.1.8, a blind SQL injection vulnerability exists in the application that allows an authenticated administrator-level user to extract database contents using boolean-based or time-based techniques. The database account used by th...
WordPress Houzez Theme - Functionality plugin <= 4.1.8 - Local File Inclusion vulnerability
WordPress Houzez Theme - Functionality plugin = 4.1.8 - Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Houzez Theme - Functionality versions = 4.1.8...
CVE-2022-41847
creationtimestamp| type| source ---|---|--- 2025-05-20 19:42:46+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17054...
SUSE CVE-2025-24970
Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in version 4.1.91.Final and prior to version 4.1.118.Final. When a special crafted packet is received via SslHandler it doesn't correctly handle validation of such a packet in all cases which can lead...
CVE-2024-1954
The Oliver POS – A WooCommerce Point of Sale POS plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.4.1.8. This is due to missing or incorrect nonce validation in the includes/class-pos-bridge-install.php file. This makes it possible for...
SUSE-SU-2023:0393-1 Security update for postgresql15
This update for postgresql15 fixes the following issues: Update to 15.2: - CVE-2022-41862: Fixed memory leak in libpq bsc1208102...