[SECURITY] Fedora 43 Update: CImg-3.7.6-2.fc43

The CImg Library is an open-source C++ toolkit for image processing. It consists in a single header file 'CImg.h' providing a minimal set of C++ classes and methods that can be used in your own sources, to load/save, process and display images. Very portable, efficient and easy to use, it's a...

CVE-2026-3286

A vulnerability was identified in itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3. The impacted element is the function Save of the file paicoding-web/src/main/java/com/github/paicoding/forum/web/common/image/rest/ImageRestController.java of the component Image Save Endpoint. Such manipulation of the...

EUVD-2026-8993

A vulnerability was identified in itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3. The impacted element is the function Save of the file paicoding-web/src/main/java/com/github/paicoding/forum/web/common/image/rest/ImageRestController.java of the component Image Save Endpoint. Such manipulation of the...

CVE-2026-3286

A vulnerability was identified in itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3. The impacted element is the function Save of the file paicoding-web/src/main/java/com/github/paicoding/forum/web/common/image/rest/ImageRestController.java of the component Image Save Endpoint. Such manipulation of the...

CVE-2026-3286

A vulnerability was identified in itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3. The impacted element is the function Save of the file paicoding-web/src/main/java/com/github/paicoding/forum/web/common/image/rest/ImageRestController.java of the component Image Save Endpoint. Such manipulation of the...

CVE-2026-3286

The CVE-2026-3286 entry concerns itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3. The vulnerable component is the Image Save Endpoint, specifically the Save function in paicoding-web/src/main/java/com/github/paicoding/forum/web/common/image/rest/ImageRestController.java. The issue arises from manipula...

CVE-2026-3286 itwanger paicoding Image Save Endpoint ImageRestController.java save server-side request forgery

A vulnerability was identified in itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3. The impacted element is the function Save of the file paicoding-web/src/main/java/com/github/paicoding/forum/web/common/image/rest/ImageRestController.java of the component Image Save Endpoint. Such manipulation of the...

CVE-2026-3286

A vulnerability was identified in itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3. The impacted element is the function Save of the file paicoding-web/src/main/java/com/github/paicoding/forum/web/common/image/rest/ImageRestController.java of the component Image Save Endpoint. Such manipulation of the...

CVE-2026-3286 itwanger paicoding Image Save Endpoint ImageRestController.java save server-side request forgery

A vulnerability was identified in itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3. The impacted element is the function Save of the file paicoding-web/src/main/java/com/github/paicoding/forum/web/common/image/rest/ImageRestController.java of the component Image Save Endpoint. Such manipulation of the...

paicoding 代码问题漏洞

Paicoding is an open-source community system developed by ITWanger’s individual developers. Versions 1.0.0, 1.0.1, 1.0.2, and 1.0.3 of Paicoding contain code vulnerabilities. These vulnerabilities stem from incorrect handling of the img parameter in the function Save within the component Image Sa...

PT-2026-22293

A vulnerability was identified in itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3. The impacted element is the function Save of the file paicoding-web/src/main/java/com/github/paicoding/forum/web/common/image/rest/ImageRestController.java of the component Image Save Endpoint. Such manipulation of the...

EUVD-2021-11246

Malware in sbrugna...

WordPress plugin AliExpress Dropshipping with AliNext Lite security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2021-24333

The CVE-2021-24333 case involves the Content Copy Protection & Prevent Image Save WordPress plugin (

WordPress plugin Content Copy Protection & Prevent Image Save 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in the Conten...

WordPress Content Copy Protection & Prevent Image Save plugin <= 1.3 - Authenticated Persistent XSS & XFS vulnerabilities

Authenticated Persistent XSS & XFS vulnerabilities discovered by m0ze in WordPress Content Copy Protection & Prevent Image Save plugin versions = 1.3. Solution This plugin has been closed as of April 5, 2021 and is not available for download. This closure is temporary, pending a full review...

WordPress Content Copy Protection & Prevent Image Save <= 1.3 - Authenticated Cross-Site Request Forgery (CSRF) vulnerability

Authenticated Cross-Site Request Forgery CSRF vulnerability discovered by m0ze in WordPress Content Copy Protection & Prevent Image Save versions = 1.3. Solution This plugin has been closed as of April 5, 2021 and is not available for download. This closure is temporary, pending a full review...

Content Copy Protection & Prevent Image Save <= 1.3 - CSRF to Stored Cross-Site Scripting (XSS)

The plugin does not check for CSRF when saving its settings, not perform any validation and sanitisation on them, allowing attackers to make a logged in administrator set arbitrary XSS payloads in them. PoC -- PoC 1 | Authenticated Persistent XSS & XFS | Image saving disabled message text: ! POST...

CVE-2019-14373

CVE-2019-14373 affects Free Lossless Image Format (FLIF) 0.3, where the crash is triggered in image_save_png (image/image-png.cpp) leading to a heap-based buffer over-read via a crafted FLIF file. The vulnerability arises from improper data boundary handling during processing, as described in mul...

Buddypress Xprofile Custom Fields Type 2.6.3 - Remote Code Execution

Exploit Title: Plugin Buddypress Xprofile Custom Fields Type 2.6.3 RCE – Unlink Date: 08/04/2018 Exploit Author: Lenon Leite Vendor Homepage: https://wordpress.org/plugins/buddypress-xprofile-custom-fields-type/ Software Link: https://wordpress.org/plugins/buddypress-xprofile-custom-fields-type/...