10 matches found
EUVD-2025-31210
Malicious code in bioql PyPI...
CVE-2025-10173
The ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution plugin for WordPress is vulnerable to unauthorized access due to an incorrect capability check on the postsave function in all versions up to, and including, 4.8.3. This makes it possible for authenticated...
CVE-2025-10173 ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution <= 4.8.3 - Insufficient Authorization to Authenticated (Editor+) Settings Update
The ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution plugin for WordPress is vulnerable to unauthorized access due to an incorrect capability check on the postsave function in all versions up to, and including, 4.8.3. This makes it possible for authenticated...
WordPress plugin ShopEngine Elementor WooCommerce Builder Addon 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A security...
PT-2025-39485
Name of the Vulnerable Software and Affected Versions ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution versions prior to 4.8.4 Description The ShopEngine Elementor WooCommerce Builder Addon plugin for WordPress is susceptible to unauthorized access. This is due to ...
CVE-2024-22491
A Stored Cross Site Scripting XSS vulnerability in beetl-bbs 2.0 allows attackers to run arbitrary code via the post/save content parameter...
CVE-2024-22491
A Stored Cross Site Scripting XSS vulnerability in beetl-bbs 2.0 allows attackers to run arbitrary code via the post/save content parameter...
FreeBSD : Django -- multiple vulnerabilities (4e3fa78b-1577-11ea-b66e-080027bdabe8)
Django release reports : CVE-2019-19118: Privilege escalation in the Django admin. Since Django 2.1, a Django model admin displaying a parent model with related model inlines, where the user has view-only permissions to a parent model but edit permissions to the inline model, would display a...
DEBIAN-CVE-2019-19118
Django 2.1 before 2.1.15 and 2.2 before 2.2.8 allows unintended model editing. A Django model admin displaying inline related models, where the user has view-only permissions to a parent model but edit permissions to the inline model, would be presented with an editing UI, allowing POST requests,...
CVE-2018-20006
An issue was discovered in PHPok v5.0.055. There is a Stored XSS vulnerability via the title parameter to api.php?c=post&f=save reachable via the index.php?id=book URI...