42 matches found
Astra Linux – Vulnerability in Chromium
A heap buffer overflow in Media Feeds in Google Chrome prior to version 90.0.4430.212 allowed an attacker who convinced a user to enable certain features in Chrome to potentially exploit heap corruption through a crafted HTML page...
EUVD-2024-29277
Malicious code in bioql PyPI...
CVE-2025-39498
Insertion of Sensitive Information Into Sent Data vulnerability in Spotlight Spotlight - Social Media Feeds Premium allows Retrieve Embedded Sensitive Data.This issue affects Spotlight - Social Media Feeds Premium: from n/a through 1.7.1...
CVE-2025-39498
Insertion of Sensitive Information Into Sent Data vulnerability in Spotlight Spotlight - Social Media Feeds Premium allows Retrieve Embedded Sensitive Data.This issue affects Spotlight - Social Media Feeds Premium: from n/a through 1.7.1...
CVE-2025-39498
CVE-2025-39498 concerns WordPress plugin Spotlight Social Feeds (Premium)
PT-2025-22890 · Unknown · Spotlight - Social Media Feeds
Name of the Vulnerable Software and Affected Versions: Spotlight - Social Media Feeds Premium versions 1.7.1 and earlier Description: The issue allows the retrieval of embedded sensitive data due to the insertion of sensitive information into sent data. This affects the Spotlight - Social Media...
CVE-2024-31381
Cross-Site Request Forgery CSRF vulnerability in RebelCode Spotlight Social Media Feeds.This issue affects Spotlight Social Media Feeds: from n/a through 1.6.10...
CVE-2025-26758 WordPress Spotlight Social Feeds plugin <= 1.7.1 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in RebelCode Spotlight Social Media Feeds spotlight-social-photo-feeds allows Retrieve Embedded Sensitive Data.This issue affects Spotlight Social Media Feeds: from n/a through = 1.7.1...
PT-2025-7223 · Rebelcode · Rebelcode Spotlight Social Media Feeds
Name of the Vulnerable Software and Affected Versions: RebelCode Spotlight Social Media Feeds versions prior to 1.7.1 Description: The issue allows exposure of sensitive system information to an unauthorized control sphere, enabling the retrieval of embedded sensitive data. Recommendations: For...
CVE-2024-31381
Cross-Site Request Forgery CSRF vulnerability in RebelCode Spotlight Social Media Feeds.This issue affects Spotlight Social Media Feeds: from n/a through 1.6.10...
CVE-2024-31381 WordPress Spotlight Social Feeds plugin <= 1.6.10 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in RebelCode Spotlight Social Media Feeds.This issue affects Spotlight Social Media Feeds: from n/a through 1.6.10...
CVE-2024-31381
Technical details about CVE-2024-31381 and affected products are not provided in the connected documents. Monitor for official advisories to learn impact, vulnerable components, and remediation.
CVE-2024-31381 WordPress Spotlight Social Feeds plugin <= 1.6.10 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in RebelCode Spotlight Social Media Feeds.This issue affects Spotlight Social Media Feeds: from n/a through 1.6.10...
WordPress Spotlight Social Feeds plugin <= 1.6.10 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin Spotlight Social Media Feeds versions = 1.6.10...
WordPress Spotlight Social Media Feeds Plugin <= 1.6.10 is vulnerable to Cross Site Request Forgery (CSRF)
Software Spotlight Social Media Feeds Type Plugin Vulnerable versions = 1.6.10 Fixed in 1.6.11 OWASP Top 10 A4: Insecure Design Classification Cross Site Request Forgery CSRF CVE CVE-2024-31381 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID ea25d8b303d6 Credits Majed Refa...
WordPress Spotlight Social Media Feeds Plugin <= 1.6 is vulnerable to Cross Site Scripting (XSS)
Software Spotlight Social Media Feeds Type Plugin Vulnerable versions = 1.6 Fixed in 1.6.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 91b8b157c36a Credits Rafie Muhammad Patchstack...
SUSE CVE-2021-30508
Heap buffer overflow in Media Feeds in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to enable certain features in Chrome to potentially exploit heap corruption via a crafted HTML page...
WordPress Spotlight Social Media Feeds Plugin < 1.4.3 is vulnerable to Cross Site Scripting (XSS)
Software Spotlight Social Media Feeds Type Plugin Vulnerable versions 1.4.3 Fixed in 1.4.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0379 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 727812743302 Credits Lana...
CVE-2022-23748
creationtimestamp| type| source ---|---|--- 2022-11-18 02:18:05+00:00| seen| https://t.me/cibsecurity/53122 2025-02-06 17:21:54+00:00| seen| https://infosec.exchange/users/screaminggoat/statuses/113958093669259699 2025-02-06 17:49:28+00:00| seen|...
WordPress Spotlight Social Media Feeds plugin < 0.10.2 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress Spotlight Social Media Feeds plugin versions 0.10.2. Solution Update the WordPress Spotlight Social Media Feeds plugin to the latest available version at least 0.10.2...