CVE-2026-11945 PostgreSQL Anonymizer: SQL injection in the rules import functions

PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a JSON document and placing malicious code inside a particular key-value pair. If a superuser calls the importdatabaserules or importrolesrules functions, the malicious code is executed with...

PostgreSQL Anonymizer SQL注入漏洞

PostgreSQL Anonymizer is an open-source extension developed by DALIBO in France, designed to mask or replace personally identifiable information PII or commercially sensitive data in PostgreSQL databases. PostgreSQL Anonymizer has a SQL injection vulnerability. This vulnerability arises from...

WordPress plugin ELEX WooCommerce Dynamic Pricing and Discounts 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-17519 · WordPress · Elex Woocommerce Dynamic Pricing/Discounts

Name of the Vulnerable Software and Affected Versions: ELEX WooCommerce Dynamic Pricing and Discounts plugin for WordPress versions up to, and including, 2.1.7 Description: The issue arises from a missing capability check on the elex dp export rules and elex dp import rules functions, allowing...