7 matches found
CVE-2026-6700
The DX Sources plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.1. This is due to missing or incorrect nonce validation on the settingspagebuild function. This makes it possible for unauthenticated attackers to trick a logged-in...
PT-2026-45438
Name of the Vulnerable Software and Affected Versions VeronaLabs WP Statistics versions prior to 14.16.6 Description Improper neutralization of input during web page generation allows for DOM-Based Cross-Site Scripting XSS, a flaw where the application contains client-side JavaScript that process...
EUVD-2026-27203
The DX Sources plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.1. This is due to missing or incorrect nonce validation on the settingspagebuild function. This makes it possible for unauthenticated attackers to trick a logged-in...
CVE-2026-6700
The DX Sources plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.1. This is due to missing or incorrect nonce validation on the settingspagebuild function. This makes it possible for unauthenticated attackers to trick a logged-in...
WordPress plugin DX Sources 跨站请求伪造漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
CVE-2025-53581
CVE-2025-53581 is a stored XSS vulnerability in the artiosmedia RSS Feed Pro WordPress plugin (versions up to 1.1.8). The root cause is improper input neutralization during web page generation, allowing stored JavaScript in the feed output. Impact: low to moderate per CVSS 3.1 metrics (base score...
SUSE-SU-2022:2015-1 Security update for gcc48
This update for gcc48 fixes the following issues: - CVE-2019-14250: Fixed an integer overflow that could lead to an invalid memory access bsc1142649. Non-security fixes: - Fixed an issue with manual page builds bsc1185395. - Fixed an issue with static initializers bsc1177947. - Fixed an issue wit...