CVE-2026-5063

The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via POST parameter key names in the submitnexform function in versions up to, and including, 9.1.11 due to insufficient input sanitization and output escaping. This makes it...

CVE-2026-2744

CVE-2026-2744 is rejected/not used; this CVE entry does not represent an active vulnerability.

CVE-2024-9652

The Locatoraid Store Locator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $POST keys in all versions up to, and including, 3.9.47 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

CVE-2021-24889

The Ninja Forms Contact Form WordPress plugin before 3.6.4 does not escape keys of the fields POST parameter, which could allow high privilege users to perform SQL injections attacks...

CVE-2023-43040

IBM Spectrum Fusion HCI 2.5.2 through 2.7.2 could allow an attacker to perform unauthorized actions in RGW for Ceph due to improper bucket access. IBM X-Force ID: 266807...

RHEL 9 : Red Hat Ceph Storage 6.1 (RHSA-2023:5693)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5693 advisory. Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system...

CVE-2021-24889

The Ninja Forms Contact Form WordPress plugin before 3.6.4 does not escape keys of the fields POST parameter, which could allow high privilege users to perform SQL injections attacks...