CVE-2025-27002

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup CountDown With Image or Video Background countdown-with-background allows Reflected XSS.This issue affects CountDown With Image or Video Background: from n/a through = 1.5...

CVE-2025-27002

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup CountDown With Image or Video Background countdown-with-background allows Reflected XSS.This issue affects CountDown With Image or Video Background: from n/a through = 1.5...

CVE-2025-27002 WordPress CountDown With Image or Video Background plugin <= 1.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup CountDown With Image or Video Background countdown-with-background allows Reflected XSS.This issue affects CountDown With Image or Video Background: from n/a through = 1.5...

CVE-2025-27002 WordPress CountDown With Image or Video Background plugin <= 1.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup CountDown With Image or Video Background countdown-with-background allows Reflected XSS.This issue affects CountDown With Image or Video Background: from n/a through = 1.5...

WordPress CountDown With Image or Video Background plugin <= 1.5 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin CountDown With Image or Video Background versions = 1.5...

WordPress plugin CountDown With Image or Video Background 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

CVE-2025-68054

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup CountDown With Image or Video Background countdownwithbackground allows Blind SQL Injection.This issue affects CountDown With Image or Video Background: from n/a through = 1.5...

PT-2025-51445

Name of the Vulnerable Software and Affected Versions LambertGroup CountDown With Image or Video Background versions through 1.5 Description The software contains an SQL injection flaw due to improper neutralization of special elements within SQL commands. This allows for blind SQL injection...

WordPress CountDown With Image or Video Background plugin <= 1.5 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin CountDown With Image or Video Background versions = 1.5...

CVE-2025-20382 URL validation bypass through Views Dashboard in Splunk Enterprise

In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.10, 10.0.2503.8, and 9.3.2411.120, a low-privileged user that does not hold the "admin" or "power" Splunk roles could create a views dashboard with a custom background using th...

EUVD-2025-199296

Malicious code in @quick-start-soft/quick-remove-image-background npm...

PYSEC-2025-24

Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the /api/remove endpoint takes a URL query parameter that allows an image to be fetched, processed and returned. An attacker may be able to query this endpoint to view pictures hosted on the internal network of the rembg...

CVE-2025-25301

Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the /api/remove endpoint takes a URL query parameter that allows an image to be fetched, processed and returned. An attacker may be able to query this endpoint to view pictures hosted on the internal network of the rembg...

CVE-2025-25302 Rembg CORS misconfiguration

Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the CORS middleware is setup incorrectly. All origins are reflected, which allows any website to send cross site requests to the rembg server and thus query any API. Even if authentication were to be enabled, allowcredentia...

CVE-2023-35676

In createQuickShareAction of SaveImageInBackgroundTask.java, there is a possible way to trigger a background activity launch due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

PT-2023-25261 · Google · Android

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to an unsafe PendingIntent in the createQuickShareAction of SaveImageInBackgroundTask.java. This could lead to a background activit...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. An elevation of privilege vulnerability exists in Google Android due to an insecure PendingIntent in the createQuickShareAction of SaveImageInBackgroundTask.java, which can be exploited by an attacker to elevate privileges...