106 matches found
CVE-2026-4074 Quran Live Multilanguage <= 1.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
The Quran Live Multilanguage plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'cheikh' and 'lang' shortcode attributes in all versions up to, and including, 1.0.3. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes. Th...
WordPress plugin Quran Live Multilanguage 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
EUVD-2026-9069
PMD Designer has Stored XSS in VBHTMLRenderer and YAHTMLRenderer via unescaped violation messages...
CVE-2026-24598
Missing Authorization vulnerability in bestwebsoft Multilanguage by BestWebSoft multilanguage allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Multilanguage by BestWebSoft: from n/a through = 1.5.2...
CVE-2026-24598
Missing Authorization vulnerability in bestwebsoft Multilanguage by BestWebSoft multilanguage allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Multilanguage by BestWebSoft: from n/a through = 1.5.2...
CVE-2026-24598 WordPress Multilanguage by BestWebSoft plugin <= 1.5.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in bestwebsoft Multilanguage by BestWebSoft multilanguage allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Multilanguage by BestWebSoft: from n/a through = 1.5.2...
CVE-2026-24598
CVE-2026-24598 : The WordPress plugin Multilanguage by BestWebSoft (versions through 1.5.2) contains a Missing Authorization (Broken Access Control) vulnerability. Public documents (NVD, Red Hat, CVE list, PatchStack) confirm affected software and the issue class, but do not provide exploit detai...
CVE-2026-24598
Missing Authorization vulnerability in bestwebsoft Multilanguage by BestWebSoft multilanguage allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Multilanguage by BestWebSoft: from n/a through = 1.5.2...
CVE-2026-24598 WordPress Multilanguage by BestWebSoft plugin <= 1.5.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in bestwebsoft Multilanguage by BestWebSoft multilanguage allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Multilanguage by BestWebSoft: from n/a through = 1.5.2...
WordPress plugin Multilanguage by BestWebSoft has security vulnerabilities.
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-4432
Name of the Vulnerable Software and Affected Versions bestwebsoft Multilanguage by BestWebSoft versions through 1.5.2 Description The software contains a missing authorization issue related to incorrectly configured access control security levels. Recommendations Update bestwebsoft Multilanguage ...
WordPress Multilanguage by BestWebSoft plugin <= 1.5.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Multilanguage by BestWebSoft versions = 1.5.2...
CVE-2025-58619
Deserialization of Untrusted Data vulnerability in sbouey Falang multilanguage falang allows Object Injection.This issue affects Falang multilanguage: from n/a through = 1.3.65...
CVE-2025-58619
Deserialization of Untrusted Data vulnerability in sbouey Falang multilanguage falang allows Object Injection.This issue affects Falang multilanguage: from n/a through = 1.3.65...
EUVD-2025-38143
Deserialization of Untrusted Data vulnerability in sbouey Falang multilanguage falang allows Object Injection.This issue affects Falang multilanguage: from n/a through = 1.3.65...
CVE-2025-58619 WordPress Falang multilanguage Plugin <= 1.3.65 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in sbouey Falang multilanguage falang allows Object Injection.This issue affects Falang multilanguage: from n/a through = 1.3.65...
PT-2025-45244
Deserialization of Untrusted Data vulnerability in sbouey Falang multilanguage falang allows Object Injection.This issue affects Falang multilanguage: from n/a through = 1.3.65...
WordPress plugin Falang multilanguage 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...
WordPress A Simple Multilanguage plugin cross-site scripting vulnerability
WordPress A Simple Multilanguage plugin is a plugin for implementing multilingual functionality on your website. WordPress A Simple Multilanguage plugin suffers from a cross-site scripting vulnerability that stems from a lack of effective filtering and escaping of asmp-switcher data, which can be...
EUVD-2018-18121
Malware in sbrugna...