CVE-2023-7231

The CVE-2023-7231 entry covers the illi Link Party! WordPress plugin (

CVE-2023-48287

CVE-2023-48287 relates to the WordPress TextMe SMS plugin, affected versions 1.9.0 and earlier, which exhibits a Broken Access Control/Missing Authorization vulnerability. The issue allows exploitation of improperly configured access controls (as described by PatchStack, with references to a brok...

CVE-2024-35648

Technical details for CVE-2024-35648 are not provided in the supplied documents. No affected software, root cause, or remediation is disclosed here; monitor for updates from the announcing organization.

CVE-2023-47682

CVE-2023-47682 affects the WordPress WP User Frontend plugin (versions ≤3.6.5). The issue is improper privilege management that allows authenticated users (author level and above) to escalate privileges, potentially enabling admin-level access via the registration_form function. The vulnerability...

CVE-2023-47342

CVE-2023-47342 is associated with FFmpeg. Multiple connected advisories report an out-of-bounds/out-of-array access in avformat/rtsp that could enable denial of service or remote code execution in affected FFmpeg versions. Slackware Mageia and MageiaOSV entries reference this CVE in the context o...

CVE-2018-19454

The connected document identifies a concrete vulnerability in yiisoft/yii2: information disclosure caused by credentials (e.g., HTTP auth username/password) being logged in the application’s logging target (\yii\log\Target). An attacker who can access the log files could retrieve these credential...

CVE-2017-1547

CVE-2017-1547 affects IBM Emptoris Services Procurement. The vulnerability enables username enumeration through the forgot-password flow, allowing an attacker to determine valid usernames and potentially brute-force credentials. This concerns IBM Emptoris Services Procurement 10.0.0.x. Root cause...