CVE-2025-50756

Wavlink WN535K3 20191010 was found to contain a command injection vulnerability in the setsysadm function via the newpass parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

CVE-2024-8500

The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the several parameters in all versions up to, and including, 7.2.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...