CVE-2025-15516

The All-in-One Video Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxcallbackstoreusermeta function in versions 4.1.0 to 4.6.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, ...

Exploit for CVE-2025-62506

CVE-2025-62506 Vulnerability Verification Script !中文https...

MinIO is Vulnerable to Privilege Escalation via Session Policy Bypass in Service Accounts and STS

Summary A privilege escalation vulnerability allows service accounts and STS Security Token Service accounts with restricted session policies to bypass their inline policy restrictions when performing "own" account operations, specifically when creating new service accounts for the same user...

Linux Distros Unpatched Vulnerability : CVE-2020-13335

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper group membership validation when deleting a user account in GitLab =7.12 allows a user to delete own account without deleting/transferring their group...

UBUNTU-CVE-2020-13335

Improper group membership validation when deleting a user account in GitLab =7.12 allows a user to delete own account without deleting/transferring their group...