CVE-2026-5075

The All in One SEO plugin for WordPress is vulnerable to Sensitive Information Exposure via 'internalOptions' localized script data in versions up to, and including, 4.9.7 due to sensitive internal option data being passed to wplocalizescript in post editor contexts without effective masking for...

PT-2024-20446

Name of the Vulnerable Software and Affected Versions Bludit affected versions not specified Description The issue concerns the use of predictable methods in combination with the MD5 hashing algorithm to generate sensitive tokens, such as the API token and the user token. This allows attackers to...

GitLab 授权问题漏洞

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to view a project's file contents, commit history, bug lists, and more. GitLab suffers from an authorization issue vulnerability,...

CVE-2020-10275

The access tokens for the REST API are directly derived from the publicly available default credentials for the web interface. Given a USERNAME and a PASSWORD, the token string is generated directly with base64USERNAME:sha256PASSWORD. An unauthorized attacker inside the network can use the defaul...