CVE-2026-6236

CVE-2026-6236 affects the WordPress plugin Posts map (versions up to and including 0.1.3). The root cause is insufficient input sanitization and output escaping for the 'name' shortcode attribute , leading to Stored Cross-Site Scripting. The vulnerability requires authenticated access at contribu...

CVE-2026-6236 Posts map <= 0.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'name' Shortcode Attribute

The Posts map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'name' shortcode attribute in all versions up to, and including, 0.1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers...

CVE-2026-6236 Posts map <= 0.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'name' Shortcode Attribute

The Posts map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'name' shortcode attribute in all versions up to, and including, 0.1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of GFP-Kernel in vmmap Ram. This vulnerability may cause swap I/O to be triggered during...

WordPress plugin Posts map 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013708)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013708 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: add peer map clean up for peer delete in ath10kstastate When peer delete failed in ...

PT-2026-34307

Name of the Vulnerable Software and Affected Versions Posts map plugin for WordPress versions prior to 0.1.4 Description Insufficient input sanitization and output escaping on user supplied attributes allow authenticated attackers with contributor-level access and above to inject arbitrary web...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013612)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013612 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix memory leak in ocfs2mountvolume There is a memory leak reported by kmemleak:...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013859)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013859 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix memleak in skpsockqueuemsg If tcpbpfsendmsg is running during a tear down...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013871)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013871 advisory. In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memory accesses There are two array out-of-bounds memory accesses, on...

openSUSE 16 Security Update : go1.26 (openSUSE-SU-2026:20571-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20571-1 advisory. - Update to version go1.26.2 bsc1255111. - CVE-2026-27140: cmd/go: trust layer bypass when using cgo and SWIG bsc1261653. - CVE-2026-27143:...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013781)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013781 advisory. In the Linux kernel, the following vulnerability has been resolved: i40e: fix idx validation in i40evalidatequeuemap Ensure idx is within range of active/initialized...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013254)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013254 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/MCE/AMD: Use an u64 for bankmap Thee maximum number of MCA banks is 64 MAXNRBANKS, see...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011131)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011131 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/MCE/AMD: Use an u64 for bankmap Thee maximum number of MCA banks is 64 MAXNRBANKS, see...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010969)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010969 advisory. In the Linux kernel, the following vulnerability has been resolved: misc: pciendpointtest: Fix pciendpointtestcopy,write,read panic The dmamapsingle doesn't permit...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011222)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011222 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix memory leak in ocfs2mountvolume There is a memory leak reported by kmemleak:...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013041)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013041 advisory. In the Linux kernel, the following vulnerability has been resolved: mptcp: Fix proto fallback detection with BPF The sockmap feature allows bpf syscall from userspac...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011252)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011252 advisory. In the Linux kernel, the following vulnerability has been resolved: amdgpu: validate offsetinbo of drmamdgpugemva This is motivated by OOB access in...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006974)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006974 advisory. In the Linux kernel, the following vulnerability has been resolved: xen/gntdev: Accommodate VMA splitting Prior to this commit, the gntdev driver code did not handle...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013236)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013236 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: fix race in sockmapfree sockmapfree calls releasesocksk without owning a reference ...