221701 matches found
vim security update
An update is available for vim. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Vim Vi IMproved is an updated and improved version of the vi editor. Security...
Exploit for CVE-2026-8206
CVE-2026-8206 - Kirki Account Takeover Lab Local Docker lab f...
WordPress JetSearch plugin <= 3.5.17 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Bonds in WordPress Plugin JetSearch versions = 3.5.17...
CVE-2026-49777
Improper Validation of Specified Quantity in Input vulnerability in ShapedPlugin, LLC Product Slider Pro for WooCommerce allows Malicious Software Implanted. This issue affects Product Slider Pro for WooCommerce: from n/a before 3.5.3. No patched version is available - the vendor has applied a fi...
WordPress User Registration Stripe plugin <= 1.3.12 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by 0xd4rk5id3 in WordPress Plugin User Registration Stripe versions = 1.3.12...
WordPress WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms plugin <= 1.1.4 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Frissi0n in WordPress Plugin WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms versions = 1.1.4...
WordPress Integration for ActiveCampaign and Contact Form 7, WPForms, Elementor, Ninja Forms plugin <= 1.1.1 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Frissi0n in WordPress Plugin Integration for ActiveCampaign and Contact Form 7, WPForms, Elementor, Ninja Forms versions = 1.1.1...
CVE-2026-49777 WordPress Product Slider Pro for WooCommerce plugin < 3.5.3 - Backdoor vulnerability
Improper Validation of Specified Quantity in Input vulnerability in ShapedPlugin, LLC Product Slider Pro for WooCommerce allows Malicious Software Implanted. This issue affects Product Slider Pro for WooCommerce: from n/a before 3.5.3. No patched version is available - the vendor has applied a fi...
EUVD-2026-34792
Improper Validation of Specified Quantity in Input vulnerability in ShapedPlugin, LLC Product Slider Pro for WooCommerce allows Malicious Software Implanted. This issue affects Product Slider Pro for WooCommerce: from n/a before 3.5.3. No patched version is available - the vendor has applied a fi...
CVE-2026-49777 WordPress Product Slider Pro for WooCommerce plugin < 3.5.3 - Backdoor vulnerability
Improper Validation of Specified Quantity in Input vulnerability in ShapedPlugin, LLC Product Slider Pro for WooCommerce allows Malicious Software Implanted. This issue affects Product Slider Pro for WooCommerce: from n/a before 3.5.3. No patched version is available - the vendor has applied a fi...
CVE-2026-49777
Improper Validation of Specified Quantity in Input vulnerability in ShapedPlugin, LLC Product Slider Pro for WooCommerce allows Malicious Software Implanted. This issue affects Product Slider Pro for WooCommerce: from n/a before 3.5.3. No patched version is available - the vendor has applied a fi...
CVE-2026-49777
CVE-2026-49777 affects the WordPress plugin Product Slider Pro for WooCommerce by ShapedPlugin, LLC. The issue is described as improper validation of a specified quantity in input, enabling potential malicious software implantation. Affected product/version: Product Slider Pro for WooCommerce pri...
WordPress Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms plugin <= 1.2.1 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Frissi0n in WordPress Plugin Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms versions = 1.2.1...
WordPress WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms plugin <= 1.1.4 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Frissi0n in WordPress Plugin WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms versions = 1.1.4...
WordPress Hybrid Composer plugin <= 1.4.6 Unauthenticated Settings Change vulnerability
WordPress Hybrid Composer plugin = 1.4.6 Unauthenticated Settings Change vulnerability discovered by ? in WordPress Plugin Hybrid Composer versions = 1.4.6...
Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites
Threat actors are actively exploiting a critical security flaw in Everest Forms Pro, a WordPress plugin with about 4,000 active installations, to execute arbitrary code, leading to a complete site compromise. The vulnerability in question is CVE-2026-3300 CVSS score: 9.8, a remote code execution...
vim security update
An update is available for vim. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Vim Vi IMproved is an updated and improved version of the vi editor. Security...
RLSA-2026:22730 Moderate: vim security update
Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass CVE-2026-35177 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...
[SECURITY] Fedora 43 Update: nextcloud-33.0.4-1.fc43
NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing rig ht on the web. NextCloud is extendable via a simple but powerful API...
MStore API <= 3.9.1 - Authentication Bypass
The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.1. This is due to insufficient verification on the user being supplied during the cart sync from mobile REST API request through the plugin. This makes it possible for unauthenticated...