5093 matches found
WordPress Penci Filter Everything Plugin < 1.7 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Penci Filter Everything versions 1.7...
WordPress Make Column Clickable Elementor Plugin <= 1.6.0 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Ritsuy in WordPress Plugin Make Column Clickable Elementor versions = 1.6.0...
SUSE CVE-2023-53369
In the Linux kernel, the following vulnerability has been resolved: net: dcb: choose correct policy to parse DCBATTRBCN The dcbnlbcnsetcfg uses erroneous policy to parse tbDCBATTRBCN, which is introduced in commit 859ee3c43812 "DCB: Add support for DCB BCN". Please see the comment in below code...
WordPress WP Hotel Booking plugin < 2.2.3 - Subscriber+ Rating Manipulation vulnerability
Subscriber+ Rating Manipulation vulnerability discovered by Muhammed Çelik in WordPress Plugin WP Hotel Booking versions 2.2.3...
SUSE CVE-2023-53169
In the Linux kernel, the following vulnerability has been resolved: x86/resctrl: Clear stagedconfig before and after it is used As a temporary storage, stagedconfig in rdtdomain should be cleared before and after it is used. The stale value in stagedconfig could cause an MSR access error. Here is...
WordPress The Events Calendar plugin <= 6.15.1 - Unauthenticated SQL Injection vulnerability
Unauthenticated SQL Injection vulnerability discovered by mikemyers in WordPress Plugin The Events Calendar versions = 6.15.1...
WordPress User Meta – User Profile Builder and User management plugin plugin <= 3.1.2 - Authenticated (Subscriber+) Arbitrary File Deletion vulnerability
Authenticated Subscriber+ Arbitrary File Deletion vulnerability discovered by Kishan Vyas in WordPress Plugin User Meta versions = 3.1.2...
WordPress Plugin updates blocker plugin <= 0.2 - Cross-Site Request Forgery vulnerability
Cross-Site Request Forgery vulnerability discovered by Nabil Irawan in WordPress Plugin Plugin updates blocker versions = 0.2...
Linux Distros Unpatched Vulnerability : CVE-2016-2497
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - services/core/java/com/android/server/pm/PackageManagerService.java in the framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, a...
WordPress Responsive Filterable Portfolio plugin <= 1.0.24 - Authenticated (Admin+) Arbitrary File Upload vulnerability
Authenticated Admin+ Arbitrary File Upload vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Responsive Filterable Portfolio versions = 1.0.24...
WordPress Tutor LMS Plugin <= 3.7.4 - SQL Injection Vulnerability
SQL Injection Vulnerability discovered by YCInfosec in WordPress Plugin Tutor LMS versions = 3.7.4...
CVE-2025-47416 ConsoleFindCommandMatchList
A vulnerability exists in the ConsoleFindCommandMatchList function in libsymproc. so imported by ctpd that may lead to unauthorized execution of an attacker-defined file that gets prioritized by the ConsoleFindCommandMatchList. A third-party researcher discovered that the...
WordPress Categorify plugin <= 1.0.7.5 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Categorify versions = 1.0.7.5...
WordPress City Hostel Theme <= 1.2.3 is vulnerable to Local File Inclusion
Software City Hostel Type Theme Vulnerable versions = 1.2.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 3b527ab49278 Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity...
WordPress Gutentype Theme <= 2.1.11 is vulnerable to Local File Inclusion
Software Gutentype Type Theme Vulnerable versions = 2.1.11 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 42f4a10f514e Credits Bonds Required privilege Unauthenticated Publish...
WordPress Samadhi Theme <= 1.0.13 is vulnerable to Local File Inclusion
Software Samadhi Type Theme Vulnerable versions = 1.0.13 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 0bf8a42958bd Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity...
WordPress AI ANN Theme <= 1.1.0 is vulnerable to Local File Inclusion
Software AI ANN Type Theme Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID db0cdc544b6f Credits Bonds Required privilege Unauthenticated Published 8...
WordPress Anubia Theme <= 1.0.14 is vulnerable to Local File Inclusion
Software Anubia Type Theme Vulnerable versions = 1.0.14 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID b5ed4e6dec35 Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity...
WordPress Wine House Theme <= 3.12 is vulnerable to Local File Inclusion
Software Wine House Type Theme Vulnerable versions = 3.12 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID e14880ba7339 Credits Bonds Required privilege Unauthenticated Publishe...
WordPress Chardonnay Theme <= 1.19.0 is vulnerable to Local File Inclusion
Software Chardonnay Type Theme Vulnerable versions = 1.19.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 1db13f9cabe3 Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity...