8 matches found
EUVD-2025-210353
Contributor Broken Access Control in Live Copy Paste for Elementor = 1.5.3 versions...
CVE-2026-34898
Unauthenticated Broken Access Control in Event Tickets Manager for WooCommerce = 1.5.3 versions...
CVE-2026-25350
CVE-2026-25350 is a Reflected XSS vulnerability in the Miti WordPress theme (Miti miti) affecting versions
CVE-2024-55024
An authentication bypass vulnerability in the authorization mechanism of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to perform Administrative actions using service accounts...
SUSE CVE-2024-54131
The Kolide Agent aka: Launcher is the lightweight agent designed to work with Kolide's service. An implementation bug in the Kolide Agent known as launcher allows for local privilege escalation to the SYSTEM user on Windows 10 and 11. The bug was introduced in version 1.5.3 when launcher started...
ThinkAdmin Security Vulnerability
ThinkAdmin is a general purpose backend management system based on the ThinkPHP framework. A security vulnerability exists in ThinkAdmin version v6.1.53. An attacker can exploit this vulnerability to download malicious PHP files by providing a specially crafted URL to obtain a shell...
WordPress XCloner Backup and Restore plugin cross-site request forgery vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in WordPress XCloner Backup and Restore plugin...
CloudBees Jenkins Information Disclosure Vulnerability (CNVD-2019-04442)
CloudBees Jenkins formerly known as Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and some of the timed execution of the task . An...