CVE-2025-5944

CVE-2025-5944 affects the Element Pack Addons for Elementor WordPress plugin (versions up to 8.0.0). The vulnerability is a Stored/DOM-Based Cross-Site Scripting via the data-caption attribute, exploitable by authenticated users with Contributor-level access or higher. The root cause is insuffici...

PT-2025-27678 · WordPress · Element Pack Elementor Addons

Name of the Vulnerable Software and Affected Versions: Element Pack Addons for Elementor plugin for WordPress versions up to, and including, 8.0.0 Description: The issue is related to Stored Cross-Site Scripting via the data-caption attribute due to insufficient input sanitization and output...

WordPress plugin Element Pack Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVE-2024-52900

IBM Cognos Analytics 11.2.0 through 12.2.4 Fix Pack 5 and 12.0.0 through 12.0.4 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials...

CVE-2025-6550

The The Pack Elementor addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘slideroptions’ parameter in all versions up to, and including, 2.1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

PT-2025-27067 · WordPress · Pack Elementor

Name of the Vulnerable Software and Affected Versions: The Pack Elementor plugin for WordPress versions up to and including 2.1.3 Description: The issue is related to stored cross-site scripting, allowing authenticated attackers with contributor or higher access to inject arbitrary web scripts in...

WordPress plugin The Pack Elementor addon 跨站脚本漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exis...

SUSE CVE-2022-50168

In the Linux kernel, the following vulnerability has been resolved: bpf, x86: fix freeing of not-finalized bpfprogpack syzbot reported a few issues with bpfprogpack 1, 2. This only happens with multiple subprogs. In jitsubprogs, we first call bpfintjitcompile on each sub program. And then, we cal...

DEBIAN-CVE-2022-50168

In the Linux kernel, the following vulnerability has been resolved: bpf, x86: fix freeing of not-finalized bpfprogpack syzbot reported a few issues with bpfprogpack 1, 2. This only happens with multiple subprogs. In jitsubprogs, we first call bpfintjitcompile on each sub program. And then, we cal...

UBUNTU-CVE-2022-50168

In the Linux kernel, the following vulnerability has been resolved: bpf, x86: fix freeing of not-finalized bpfprogpack syzbot reported a few issues with bpfprogpack 1, 2. This only happens with multiple subprogs. In jitsubprogs, we first call bpfintjitcompile on each sub program. And then, we cal...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unfinalized bpfprogpack release issue...

Security update for the Linux Kernel (Live Patch 32 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024136 fixes several issues. The following security issues were fixed: CVE-2022-49080: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace bsc1238324. CVE-2024-57996: netsched: schsfq: do not allow 1 packet limit bsc1239077. Patch Instructions: To...

Security update for the Linux Kernel (Live Patch 36 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024150 fixes several issues. The following security issues were fixed: CVE-2022-49080: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace bsc1238324. CVE-2024-57996: netsched: schsfq: do not allow 1 packet limit bsc1239077. Patch Instructions: To...

Description of the security update for SharePoint Enterprise Server 2016 Language Pack: June 10, 2025 (KB5002731)

Description of the security update for SharePoint Enterprise Server 2016 Language Pack: June 10, 2025 KB5002731 Summary This security update resolves a Microsoft Word remote code execution vulnerability. To learn more about the vulnerability, see the following security advisories: Microsoft Commo...

Description of the security update for SharePoint Enterprise Server 2016: June 10, 2025 (KB5002732)

Description of the security update for SharePoint Enterprise Server 2016: June 10, 2025 KB5002732 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability and Microsoft Word remote code execution vulnerability. To learn more about the vulnerabilities...

Security update for the Linux Kernel RT (Live Patch 8 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506001026 fixes several issues. The following security issues were fixed: CVE-2025-21680: pktgen: Avoid out-of-bounds access in getimixentries bsc1236701. CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmtremoveadvmonitorsync bsc1239096...

MAL-2025-4839 Malicious code in jsons-pack (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0c23d84cb2201d919fefd3fa95fc777c80ed4adbb5e2fc87e1e1430bcb6edab6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in jsons-pack (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0c23d84cb2201d919fefd3fa95fc777c80ed4adbb5e2fc87e1e1430bcb6edab6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2025-46258

Missing Authorization vulnerability in BdThemes Element Pack Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Element Pack Pro: from n/a before 8.0.0...

CVE-2025-46257

Cross-Site Request Forgery CSRF vulnerability in BdThemes Element Pack Pro allows Cross Site Request Forgery.This issue affects Element Pack Pro: from n/a before 8.0.0...