Important: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.17.24 security, enhancement & bug fix update

Red Hat OpenShift Data Foundation 4.17.24 security, enhancement & bug fix update Red Hat OpenShift Data Foundation 4.17.24 security, enhancement & bug fix update FIXED BUGS: ========== DFBUGS-6194: Backport to odf-4.17.24 ocs-operator should not use image gcr.io/kubebuilder/kube-rbac-proxy...

CVE-2026-0807

The Frontis Blocks plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.1.6. This is due to insufficient restriction on the 'url' parameter in the 'templateproxy' function. This makes it possible for unauthenticated attackers to make web reques...

CVE-2026-0807

The Frontis Blocks plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.1.6. This is due to insufficient restriction on the 'url' parameter in the 'templateproxy' function. This makes it possible for unauthenticated attackers to make web reques...

CVE-2026-0807

The Frontis Blocks plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.1.6. This is due to insufficient restriction on the 'url' parameter in the 'templateproxy' function. This makes it possible for unauthenticated attackers to make web reques...

CVE-2026-0807

The CVE-2026-0807 entry concerns Frontis Blocks for WordPress (Frontis Blocks — Block Library for the Block Editor). It describes an unauthenticated Server-Side Request Forgery (SSRF) vulnerability in all versions up to and including 1.1.6 caused by insufficient restriction on the url parameter i...

CVE-2026-0807 Frontis Blocks <= 1.1.6 - Unauthenticated Server-Side Request Forgery via 'url' Parameter

The Frontis Blocks plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.1.6. This is due to insufficient restriction on the 'url' parameter in the 'templateproxy' function. This makes it possible for unauthenticated attackers to make web reques...

EUVD-2025-25631

Malicious code in bioql PyPI...

CVE-2025-7813

The Events Calendar, Event Booking, Registrations and Event Tickets – Eventin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.37 via the proxyimage function. This makes it possible for unauthenticated attackers to make web requests to...

CVE-2025-7813

The Events Calendar, Event Booking, Registrations and Event Tickets – Eventin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.37 via the proxyimage function. This makes it possible for unauthenticated attackers to make web requests to...

CVE-2025-7813

CVE-2025-7813 refers to the Eventin plugin for WordPress (The Events Calendar, Event Booking, Registrations and Event Tickets) where SSRF exists in all versions up to 4.0.37 via the proxy_image function. The vulnerability allows unauthenticated attackers to make web requests from the application ...

CVE-2025-7813 Event Manager, Events Calendar, Booking, Registrations and Tickets – Eventin <= 4.0.37 - Unauthenticated Server-Side Request Forgery

The Events Calendar, Event Booking, Registrations and Event Tickets – Eventin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.37 via the proxyimage function. This makes it possible for unauthenticated attackers to make web requests to...

CVE-2025-7813 Event Manager, Events Calendar, Booking, Registrations and Tickets – Eventin <= 4.0.37 - Unauthenticated Server-Side Request Forgery

The Events Calendar, Event Booking, Registrations and Event Tickets – Eventin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.37 via the proxyimage function. This makes it possible for unauthenticated attackers to make web requests to...

WordPress plugin Eventin 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...

PT-2025-34519 · WordPress · Eventin

Name of the Vulnerable Software and Affected Versions: Eventin plugin for WordPress versions through 4.0.37 Description: The Eventin plugin for WordPress is susceptible to Server-Side Request Forgery SSRF via the proxy image function. This allows unauthenticated attackers to make web requests to...

Security update for Multi-Linux Manager 5.0: Server, Proxy and Retail Server

Description: This update fixes the following issues: proxy-helm: Version 5.0.15: Image rebuilt to the newest version with updated dependencies proxy-httpd-image: Version 5.0.13: Add redirect of API calls from proxy to the server bsc1241880 proxy-salt-broker-image: Version 5.0.13: Image rebuilt to...

CVE-2025-3419

The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 4.0.26 via the proxyimage function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on...

WordPress plugin Event Manager, Events Calendar, Tickets, Registrations – Eventin 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Event Manager...

Maintenance update for SUSE Manager 5.0: Server, Proxy and Retail Branch Server

Description: This update fixes the following issues: proxy-httpd-image: Version 5.0.8 Store Proxy FQDN in rhn.conf for auth token use bsc1230255 proxy-salt-broker-image: Version 5.0.8 Update for next release proxy-squid-image: Version 5.0.8 Update for next release proxy-ssh-image: Version 5.0.8...