833 matches found
CVE-2025-14434 Ultimate Post Kit < 4.0.16 – Unauthenticated Arbitrary Post Content Disclosure
The Ultimate Post Kit Addons for Elementor WordPress plugin before 4.0.16 exposes multiple AJAX “load more” endpoints such as upkalexgridloadmoreposts without ensuring that posts to be displayed are published authentication. This allows an unauthenticated attacker to query arbitrary posts and...
CVE-2025-14434
CVE-2025-14434 affects the WordPress plugin “Ultimate Post Kit Addons for Elementor” (versions prior to 4.0.16). The issue arises from multiple AJAX endpoints (e.g., loadmore posts) that do not verify whether targeted posts are published, enabling an unauthenticated attacker to query arbitrary po...
PT-2025-54283
The Ultimate Post Kit Addons for Elementor WordPress plugin before 4.0.16 exposes multiple AJAX “load more” endpoints such as upk alex grid loadmore posts without ensuring that posts to be displayed are published authentication. This allows an unauthenticated attacker to query arbitrary posts and...
WordPress Ajax Load More plugin < 2.8.1.2 - Subscriber+ File Upload & Deletion vulnerability
Subscriber+ File Upload & Deletion vulnerability discovered by PizzaHatHacker in WordPress Plugin Ajax Load More versions 2.8.1.2...
CVE-2025-64247
Missing Authorization vulnerability in edmon.parker Read More & Accordion expand-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Read More & Accordion: from n/a through = 3.5.5.1...
EUVD-2025-203603
Missing Authorization vulnerability in edmon.parker Read More & Accordion expand-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Read More & Accordion: from n/a through = 3.5.4.1...
CVE-2025-64247
Missing Authorization vulnerability in edmon.parker Read More & Accordion expand-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Read More & Accordion: from n/a through = 3.5.5.1...
CVE-2025-64247
CVE-2025-64247 describes a Missing Authorization vulnerability in the WordPress plugin Read More & Accordion (Expand-maker). The Initial description states impact via unauthorized access due to misconfigured access controls, affecting Read More & Accordion: from n/a through
CVE-2025-64247 WordPress Read More & Accordion plugin <= 3.5.5.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in edmon.parker Read More & Accordion expand-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Read More & Accordion: from n/a through = 3.5.5.1...
CVE-2025-64247 WordPress Read More & Accordion plugin <= 3.5.5.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in edmon.parker Read More & Accordion expand-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Read More & Accordion: from n/a through = 3.5.5.1...
PT-2025-51395
Name of the Vulnerable Software and Affected Versions edmon.parker Read More & Accordion versions through 3.5.4.1 Description An authorization issue exists in edmon.parker Read More & Accordion expand-maker, allowing exploitation of incorrectly configured access control security levels...
WordPress plugin Read More & Accordion 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, with the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an...
WordPress Read More & Accordion plugin <= 3.5.5.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Read More & Accordion versions = 3.5.5.1...
SUSE CVE-2023-53825
In the Linux kernel, the following vulnerability has been resolved: kcm: Fix error handling for SOCKDGRAM in kcmsendmsg. syzkaller found a memory leak in kcmsendmsg, and commit c821a88bd720 "kcm: Fix memory leak in error path of kcmsendmsg" suppressed it by updating kcmtxmsghead-lastskb if partia...
CVE-2023-53825
In the Linux kernel, the following vulnerability has been resolved: kcm: Fix error handling for SOCKDGRAM in kcmsendmsg. syzkaller found a memory leak in kcmsendmsg, and commit c821a88bd720 "kcm: Fix memory leak in error path of kcmsendmsg" suppressed it by updating kcmtxmsghead-lastskb if partia...
MAL-2025-173591 Malicious code in butanah-fipopha-hafufuh (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 295a91161cb8a11c7452c3649a3c576a28043166056086bf68486aa037aaf302 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-147834 Malicious code in semantic-release-process-alphard-commitizen (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2909c41dac1a109495cf0ea2e8cb4d523c9f422cf2ee0ae5cd922904f1122860 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
CVE-2025-40022
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Fix incorrect boolean values in afalgctx Commit 1b34cbbf4f01 "crypto: afalg - Disallow concurrent writes in afalgsendmsg" changed some fields from bool to 1-bit bitfields of type u32. However, some assignments to...
SUSE CVE-2022-50536
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix repeated calls to sockput when msg has moredata In tcpbpfsendverdict redirection, the eval variable is assigned to SKREDIRECT after the applybytes data is sent, if msg has moredata, sockput will be called multip...
CVE-2022-50536
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix repeated calls to sockput when msg has moredata In tcpbpfsendverdict redirection, the eval variable is assigned to SKREDIRECT after the applybytes data is sent, if msg has moredata, sockput will be called multip...