CVE-2026-7503

CVE-2026-7503 affects code-projects Plugin 4.1.2cu.5137, specifically the setWiFiMultipleConfig function in /cgi-bin/cstecgi.cgi using /lib/cste_modules/wireless.so. The vulnerability arises from improper handling of the wepkey2 argument, causing a buffer overflow. Impact is high (network access,...

CVE-2026-2214

A weakness has been identified in code-projects for Plugin 1.0. This affects an unknown part of the file /Administrator/PHP/AdminAddAlbum.php. This manipulation of the argument txtalbum causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made availabl...

CVE-2026-2214

CVE-2026-2214 affects code-projects for Plugin 1.0, with the weakness located in an unknown part of /Administrator/PHP/AdminAddAlbum.php. The issue arises from manipulating the txtalbum argument, enabling a cross-site scripting (XSS) flaw that can be triggered remotely. Multiple connected sources...

CVE-2026-2214 code-projects for Plugin AdminAddAlbum.php cross site scripting

A weakness has been identified in code-projects for Plugin 1.0. This affects an unknown part of the file /Administrator/PHP/AdminAddAlbum.php. This manipulation of the argument txtalbum causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made availabl...

PT-2026-7065

A weakness has been identified in code-projects for Plugin 1.0. This affects an unknown part of the file /Administrator/PHP/AdminAddAlbum.php. This manipulation of the argument txtalbum causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made availabl...

WordPress Portfolio and Projects plugin <= 1.5.5 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Nabil Irawan in WordPress Plugin Portfolio and Projects versions = 1.5.5...

CVE-2023-39995

Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Portfolio and Projects allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio and Projects: from n/a through 1.3.7...

WordPress plugin Processing Projects 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in WordPress...

WordPress Processing Projects plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin Processing Projects versions = 1.0.2...

WordPress plugin Processing Projects 跨站脚本漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exist...

WordPress Portfolio and Projects Plugin <= 1.3.7 is vulnerable to Broken Access Control

Software Portfolio and Projects Type Plugin Vulnerable versions = 1.3.7 Fixed in 1.3.8 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-40200 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 4fd5786d3c57 Credits Abdi Pranata Required...

CVE-2020-29451

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to enumerate Jira projects via an Information Disclosure vulnerability in the Jira Projects plugin report page. The affected versions are before version 8.5.11, from version 8.6.0 before 8.13.3, and from version...