34 matches found
WordPress Database Toolset Plugin <= 1.8.4 - Arbitrary File Deletion vulnerability
Arbitrary File Deletion vulnerability discovered by LVT-tholv2k in WordPress Plugin Database Toolset versions = 1.8.4...
WordPress WP User Profiles plugin <= 2.6.2 - Privilege Escalation vulnerability
Privilege Escalation vulnerability discovered by astra.r3verii Patchstack Alliance in WordPress Plugin WP User Profiles versions = 2.6.2...
WordPress Hive Support plugin <= 1.2.5 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by stealthcopter in WordPress Plugin Hive Support versions = 1.2.5...
WordPress Drag and Drop Multiple File Upload for WooCommerce plugin <= 1.1.4 - Unauthenticated Arbitrary File Move vulnerability
Unauthenticated Arbitrary File Move vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Drag and Drop Multiple File Upload for WooCommerce versions = 1.1.4...
WordPress Woffice Theme <= 5.4.21 is vulnerable to Privilege Escalation
Software Woffice Type Theme Vulnerable versions = 5.4.21 Fixed in 5.4.22 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2025-2798 Patch priority High CVSS severity High 9.8 Developer EPC PSID bdeb5594d059 Credits Foxyyy Required privilege...
WordPress Secure Copy Content Protection and Content Locking plugin <= 4.4.3 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by astra.r3verii in WordPress Plugin Secure Copy Content Protection and Content Locking versions = 4.4.3...
CVE-2025-21497
The CVE-2025-21497 affects Oracle MySQL Server (InnoDB). Affected: 8.0.40 and prior, 8.4.3 and prior, 9.1.0 and prior. An attacker with network access and high privileges can cause a hang or crash (DoS) and may perform unauthorized updates/inserts/deletes on MySQL data. CVSS v3.1 base score 5.5 (...
PT-2025-34632
Name of the Vulnerable Software and Affected Versions: PhpOffice/PhpSpreadsheet versions prior to 1.30.0 PhpOffice/PhpSpreadsheet versions prior to 2.1.12 PhpOffice/PhpSpreadsheet versions prior to 2.4.0 PhpOffice/PhpSpreadsheet versions prior to 3.10.0 PhpOffice/PhpSpreadsheet versions prior to...
WordPress Kanban Boards for WordPress Plugin <= 2.5.21 is vulnerable to Cross Site Scripting (XSS)
Software Kanban Boards for WordPress Type Plugin Vulnerable versions = 2.5.21 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-31103 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d58cc62b701e Credits Yudistira Arya Requir...
PT-2023-29516 · Unknown · Online Food Ordering System
Name of the Vulnerable Software and Affected Versions: Online Food Ordering System version 1.0 Description: The Online Food Ordering System is affected by multiple Unauthenticated SQL Injection vulnerabilities. The issue arises from the phone parameter of the "routers/details-router.php" resource...
Shelter funds can be stolen
Lines of code Vulnerability details Impact Shelter has a function withdraw that lets whitelisted users withdraw a specified amount of some token. The function does not check if the user has already withdrew the tokens. Since, a user can withdraw allowed amount any number of times, stealing all th...
Security Bulletin: GNU C library (glibc) vulnerabilities affect IBM Security Network Active Bypass (CVE-2014-9761, CVE-2015-8778, CVE-2015-8779)
Summary GNU C library glibc vulnerabilities were found that affect IBM Security Network Active Bypass. Vulnerability Details CVEID: CVE-2014-9761 DESCRIPTION: GNU C Library glibc is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the nan function. By sending an...
CVE-2025-32938
CVE-2025-32938 entry is rejected/not used and does not represent an active vulnerability entry.
CVE-2023-36119
...