35 matches found
CVE-2026-39668
Missing Authorization vulnerability in g5theme Book Previewer for Woocommerce book-previewer-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Book Previewer for Woocommerce: from n/a through = 1.0.6...
EUVD-2026-20342
Missing Authorization vulnerability in g5theme Book Previewer for Woocommerce book-previewer-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Book Previewer for Woocommerce: from n/a through = 1.0.6...
CVE-2026-39668
Missing Authorization vulnerability in g5theme Book Previewer for Woocommerce book-previewer-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Book Previewer for Woocommerce: from n/a through = 1.0.6...
CVE-2026-39668 WordPress Book Previewer for Woocommerce plugin <= 1.0.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in g5theme Book Previewer for Woocommerce book-previewer-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Book Previewer for Woocommerce: from n/a through = 1.0.6...
CVE-2026-39668 WordPress Book Previewer for Woocommerce plugin <= 1.0.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in g5theme Book Previewer for Woocommerce book-previewer-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Book Previewer for Woocommerce: from n/a through = 1.0.6...
CVE-2026-39668
Missing Authorization vulnerability in g5theme Book Previewer for Woocommerce book-previewer-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Book Previewer for Woocommerce: from n/a through = 1.0.6...
CVE-2026-39668
The CVE-2026-39668 entry covers a Missing Authorization (Broken Access Control) vulnerability in the g5theme Book Previewer for Woocommerce plugin for WordPress, affected through version 1.0.6. The underlying issue is incorrectly configured access control, enabling potential unauthorized access t...
WordPress plugin Book Previewer for Woocommerce 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
PT-2026-31230
Missing Authorization vulnerability in g5theme Book Previewer for Woocommerce book-previewer-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Book Previewer for Woocommerce: from n/a through = 1.0.6...
EUVD-2017-3278
Malware in sbrugna...
EUVD-2019-0063
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-15138
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Prism is vulnerable to Cross-Site Scripting. The easing preview of the Previewers plugin has an XSS vulnerability that allows attackers to execute arbitrary cod...
CVE-2017-11666
Cross-site scripting XSS vulnerability in js/ViewerPanel.js in the file previewer plugin in Kopano WebApp versions 3.3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via a specially crafted previewable file...
CVE-2019-1020019
invenio-previewer before 1.0.0a12 allows XSS...
sushi bug fix update
An update is available for sushi. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Sushi is a quick file previewer for Nautilus, the GNOME desktop file manager. I...
Velociraptor 0.6.9 Release: Digging Even Deeper with SMB Support, Azure Storage and Lockdown Server Mode
Carlos Canto contributed to this article. Rapid7 is very excited to announce version 0.6.9 of Velociraptor is now LIVE and available for download. Much of what went into this release was about expanding capabilities and improving workflows. We’ll now explore some of the interesting new features i...
@cao_steven/nb-core (=1.0.0), @dcodegroup-au/dsg-vue (>=0.0.17 <=0.0.18) +85 more potentially affected by CVE-2021-4103 via vditor (>=2.3.1 <=3.3.9)
vditor NPM version =2.3.1, =0.0.17, =2.1.5, =2.1.5, =2.1.5, =2.1.5, =2.1.5, =2.1.5, =2.1.5, =0.0.1, =0.0.2, =0.0.1-beta.15, =0.0.1, =0.0.0, =0.0.24 and more Source cves: CVE-2021-4103 Source advisory: OSV:GHSA-CXM3-V4MV-6MH8...
invenio-previewer cross-site scripting vulnerability
invenio-previewer is an Invenio module for previewing files. A cross-site scripting vulnerability exists in versions prior to invenio-previewer 1.0.0a12. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit the vulnerability ...
Cross-site Scripting (XSS)
invenio-previewer is vulnerable to cross-site scripting XSS. It does not escape the user-uploaded file and directly render the file in the JSON, Markdown and iPython Notebook previewers, allowing an attacker to inject arbitrary Javascript into a victim's browser using a malicious file...
CVE-2019-1020019
invenio-previewer before 1.0.0a12 allows XSS...