43 matches found
PT-2026-30977
Genealogy is a family tree PHP application. Prior to 5.9.1, a critical broken access control vulnerability in the genealogy application allows any authenticated user to transfer ownership of arbitrary non-personal teams to themselves. This enables complete takeover of other users’ team workspaces...
CVE-2025-55287
CVE-2025-55287 affects Genealogy (PHP) versions prior to 4.4.0. The vulnerability is an authenticated stored XSS in the Person firstname/lastname, allowing an attacker (Editor+ or higher) to inject JavaScript that executes in other users’ sessions, potentially leading to session hijacking, data t...
Genealogy Cross-Site Scripting Vulnerability
Genealogy is a genealogy PHP application from the individual developer of KREAWEB.be. A cross-site scripting vulnerability exists in Genealogy versions prior to 4.4.0, which stems from a reflective cross-site scripting vulnerability that could lead to session hijacking and data theft...
PT-2025-33674 · Genealogy · Genealogy
Name of the Vulnerable Software and Affected Versions: Genealogy versions prior to 4.4.0. Description: Genealogy is a family tree PHP application susceptible to an authenticated stored cross-site scripting (XSS) issue. Attackers with valid credentials can execute arbitrary JavaScript code within...
PT-2025-33675 · Genealogy · Genealogy
Name of the Vulnerable Software and Affected Versions: Genealogy versions prior to 4.4.0. Description: Genealogy is a family tree PHP application susceptible to an authenticated reflected cross-site scripting (XSS) issue. An attacker with valid credentials can execute arbitrary JavaScript code withi...
ofb.genealogy.net Cross Site Scripting vulnerability OBB-3805320
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
WordPress WP Genealogy – Your Family History Website Plugin <= 0.1.4 is vulnerable to Cross Site Scripting (XSS)
Software: WP Genealogy – Your Family History Website; Type: Plugin; Vulnerable versions: <= 0.1.4; Fixed in: 0.1.5; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2023-33999; Patch priority: Medium; CVSS severity: Medium (7.1); PSID: 55c81fdd8c25; Credits: Rafie...
WordPress WP Genealogy – Your Family History Website plugin <= 0.1.2 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability discovered in WordPress WP Genealogy – Your Family History Website plugin (versions <= 0.1.2). Solution: Update the WordPress WP Genealogy – Your Family History Website plugin to the latest available version (at least 0.1.3)...
WordPress WP Genealogy – Your Family History Website plugin <= 0.1.2 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress WP Genealogy – Your Family History Website plugin (versions <= 0.1.2). Solution: Update the WordPress WP Genealogy – Your Family History Website plugin to the latest available version (at least 0.1.3)...
What DNA testing kit companies are really doing with your data
Sarah hovered over the mailbox, envelope in hand. She knew as soon as she mailed off her DNA sample, there’d be no turning back. She ran through the information she looked up on 23andMe’s website one more time: the privacy policy, the research parameters, the option to learn about potential healt...
fannons.net XSS vulnerability
Open Bug Bounty ID: OBB-668847

Description | Value
---|---
Affected Website: | fannons.net
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

cookebranchfamily.org XSS vulnerability
Open Bug Bounty ID: OBB-649409

Description | Value
---|---
Affected Website: | cookebranchfamily.org
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

DNA Testing Service MyHeritage Leaks User Data of 92 Million Customers
Account data tied to 92 million users of the genealogy and DNA testing service MyHeritage were found on a third-party “private” server in a breach that exposed usernames and passwords of customers. The breach is the largest since last year’s Equifax leak of 147.9 million pieces of private data...
DNA testing website MyHeritage hacked; 92 million user accounts stolen
By Waqas. MyHeritage, an Israeli DNA and genealogy website, has suffered a massive... This is a post from HackRead.com. Read the original post: DNA testing website MyHeritage hacked; 92 million user accounts stolen...
algonquinhighlands.ca XSS vulnerability
Open Bug Bounty ID: OBB-624765

Description | Value
---|---
Affected Website: | algonquinhighlands.ca
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

kemp.directory XSS vulnerability
Open Bug Bounty ID: OBB-624764

Description | Value
---|---
Affected Website: | kemp.directory
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

kim.gardiner.com.au XSS vulnerability
Open Bug Bounty ID: OBB-347877

Description | Value
---|---
Affected Website: | kim.gardiner.com.au
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

moore.org.nz XSS vulnerability
Open Bug Bounty ID: OBB-347760

Description | Value
---|---
Affected Website: | moore.org.nz
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

genealogy.mdhervey.com XSS vulnerability
Vulnerable URL: http://genealogy.mdhervey.com/browsemedia.php?mediasearch=bug=headstones=Relatives=%22%20autofocus%20onfocus=alert%60OPENBUGBOUNTY%60%20

Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 17.01.2018
Vulnerability type: | XSS
Vulnerability status: | Publicly...

genealogy.gettheball.com XSS vulnerability
Vulnerable URL: http://genealogy.gettheball.com/browsemedia.php?mediasearch=bug=headstones=Relatives=%22%20autofocus%20onfocus=alert%60OPENBUGBOUNTY%60%20

Details:

Description | Value
---|---
Patched: | Verification in progress
Latest check for patch: | 17.11.2017
Vulnerability type: | XSS...