1447 matches found
WordPress Insert Code plugin <= 2.4 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by Abdi Pranata in WordPress Plugin Insert Code versions = 2.4...
CVE-2025-28932
Cross-Site Request Forgery CSRF vulnerability in BCS Website Solutions Insert Code insert-code allows Stored XSS.This issue affects Insert Code: from n/a through = 2.4...
CVE-2025-28932
CVE-2025-28932 is a CSRF-to-Stored-XSS vulnerability affecting the WordPress Insert Code plugin, versioned 2.4 and earlier (plugin <= 2.4). The CVE entry indicates that an attacker can exploit CSRF to trigger stored XSS, with a CVSS v3.1 base score of 7.1 (HIGH) and an attack vector of NETWORK...
CVE-2025-28932 WordPress Insert Code plugin <= 2.4 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in BCS Website Solutions Insert Code insert-code allows Stored XSS.This issue affects Insert Code: from n/a through = 2.4...
CVE-2025-28932 WordPress Insert Code plugin <= 2.4 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in BCS Website Solutions Insert Code insert-code allows Stored XSS.This issue affects Insert Code: from n/a through = 2.4...
WordPress plugin Insert Code 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
OSV-2025-175 UNKNOWN READ in insert_free
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=399390672 Crash type: UNKNOWN READ Crash state: insertfree chunkobjalloc pdfiobjectalloc...
PT-2025-9099 · Git +1 · Ghostscript
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A crash occurs due to an unknown read issue. The crash state involves functions such as insert free, chunk obj alloc, and pdfi object alloc. Recommendations: At the moment, there is no...
SUSE CVE-2022-49620
In the Linux kernel, the following vulnerability has been resolved: net: tipc: fix possible refcount leak in tipcskcreate Free sk in case tipcskinsert fails...
SUSE CVE-2022-49664
In the Linux kernel, the following vulnerability has been resolved: tipc: move bc link creation back to tipcnodecreate Shuang Li reported a NULL pointer dereference crash: BUG: kernel NULL pointer dereference, address: 0000000000000068 RIP: 0010:tipclinkisup+0x5/0x10 tipc Call Trace:...
DEBIAN-CVE-2022-49620
In the Linux kernel, the following vulnerability has been resolved: net: tipc: fix possible refcount leak in tipcskcreate Free sk in case tipcskinsert fails...
UBUNTU-CVE-2022-49671
In the Linux kernel, the following vulnerability has been resolved: RDMA/cm: Fix memory leak in ibcminsertlisten cmallocidpriv allocates resource for the cmidpriv. When cminitlisten fails it doesn't free it, leading to memory leak. Add the missing error unwind...
UBUNTU-CVE-2022-49620
In the Linux kernel, the following vulnerability has been resolved: net: tipc: fix possible refcount leak in tipcskcreate Free sk in case tipcskinsert fails...
UBUNTU-CVE-2022-49206
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix memory leak in error flow for subscribe event routine In case the second xainsert fails, the objevent is not released. Fix the error unwind flow to free that memory to avoid a memory leak...
mysql: Privilege Misuse in MySQL Server Security Component
A flaw was found in MySQL Server component: Security: Privileges. This issue can allow unauthorized update, insert, or delete access to MySQL Server data and unauthorized read access to a subset of data via multiple protocols...
CVE-2024-57668
In Code-projects Shopping Portal v1.0, the insert-product.php page has an arbitrary file upload vulnerability...
CVE-2024-57668
In Code-projects Shopping Portal v1.0, the insert-product.php page has an arbitrary file upload vulnerability...
CVE-2024-57668
In Code-projects Shopping Portal v1.0, the insert-product.php page has an arbitrary file upload vulnerability...
CVE-2024-57668
In Code-projects Shopping Portal v1.0, the insert-product.php page has an arbitrary file upload vulnerability...
CVE-2024-57668
CVE-2024-57668 concerns Code-projects Shopping Portal v1.0 where insert-product.php contains an arbitrary file upload vulnerability. Multiple connected sources confirm the flaw, tying it to the insert-product.php upload handling, with potential impacts on confidentiality, integrity, and availabil...