CVE-2025-0365

The Jupiter X Core plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 4.8.7 via the inline SVG feature. This makes it possible for authenticated attackers, with Contributor-level access and above, to read the contents of arbitrary files on the server,...

MAL-2025-319 Malicious code in webpack-inline-constant-exports-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eb8ae870fad74826ac57af33f27bdbe9e74f667ec62aac01b5c9e55a47d36001 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2025-22570

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mdjekic Inline Tweets inline-tweets allows Stored XSS.This issue affects Inline Tweets: from n/a through = 2.0...

CVE-2025-22570

CVE-2025-22570 refers to an unauthenticated stored XSS vulnerability in the WordPress plugin Inline Tweets (affected: Inline Tweets

CVE-2025-22570 WordPress Inline Tweets plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mdjekic Inline Tweets inline-tweets allows Stored XSS.This issue affects Inline Tweets: from n/a through = 2.0...

CVE-2025-22570 WordPress Inline Tweets plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Miloš Đekić Inline Tweets allows Stored XSS.This issue affects Inline Tweets: from n/a through 2.0...

WordPress plugin Inline Tweets 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress Inline Tweets plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Inline Tweets versions = 2.0...

CVE-2024-56768 bpf: Fix bpf_get_smp_processor_id() on !CONFIG_SMP

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix bpfgetsmpprocessorid on !CONFIGSMP On x86-64 calling bpfgetsmpprocessorid in a kernel with CONFIGSMP disabled can trigger the following bug, as pcpuhot is unavailable: 8.471774 BUG: unable to handle page fault for addres...

CVE-2024-56019

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gavinr Inline Footnotes inline-footnotes allows Stored XSS.This issue affects Inline Footnotes: from n/a through = 2.3.0...

CVE-2024-56019 WordPress Inline Footnotes Plugin <= 2.3.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gavinr Inline Footnotes inline-footnotes allows Stored XSS.This issue affects Inline Footnotes: from n/a through = 2.3.0...

CVE-2024-56019 WordPress Inline Footnotes Plugin <= 2.3.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gavinr Inline Footnotes inline-footnotes allows Stored XSS.This issue affects Inline Footnotes: from n/a through = 2.3.0...

CVE-2024-56019

CVE-2024-56019 affects the WordPress plugin Inline Footnotes, with Stored XSS due to improper input neutralization during web page generation. Affected range is Inline Footnotes: from n/a through 2.3.0. Root cause is improper neutralization of input during page generation, enabling stored cross-s...

WordPress plugin Inline Footnotes 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2026-26112

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where data reservation was incorrectly freed during fallback from inline extent creation due to an -ENOSPC error. This occurred when failing to create ...

PT-2026-26111

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to a reservation leak within the btrfs file system when inserting inline extents. Specifically, if allocation of a path or joining a transaction...

WordPress Inline Footnotes Plugin <= 2.3.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 Patchstack Alliance in WordPress Plugin Inline Footnotes versions = 2.3.0...

Ivanti Sentry 安全漏洞

Ivanti Sentry is an in-line gateway from Ivanti USA, Inc. It is used to manage, encrypt and protect traffic between mobile devices and back-end enterprise systems. A security vulnerability exists in Ivanti Sentry that stems from insecure privilege management. An attacker could exploit the...

CVE-2023-51647

Allegra saveInlineEdit Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can b...

CVE-2024-51803

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Magnetic Creative Inline Click To Tweet inline-click-to-tweet allows DOM-Based XSS.This issue affects Inline Click To Tweet: from n/a through = 1.0.0...