23 matches found
CVE-2026-46698 Fediverse Embeds: Public-nonce SSRF via ftf_get_site_info AJAX action
Fediverse Embeds embeds fediverse posts on WordPress sites. Prior to version 1.5.9, Fediverse Embeds registered the unauthenticated AJAX action wpajaxnoprivftfgetsiteinfo includes/SiteInfo.php that verified a nonce ftf-fediverse-embeds-nonce and then called filegethtml$siteurl on the...
CVE-2026-9757 GEO my WP <= 4.5.5 - Unauthenticated SQL Injection via 'swlatlng' / 'nelatlng' Parameters
The GEO my WP plugin for WordPress is vulnerable to SQL Injection via the 'swlatlng' and 'nelatlng' parameters in all versions up to, and including, 4.5.5 The parameters are read from $SERVER'QUERYSTRING' via parsestr bypassing WordPress's wpmagicquotes protection, which only covers...
EUVD-2026-33453
The GEO my WP plugin for WordPress is vulnerable to SQL Injection via the 'swlatlng' and 'nelatlng' parameters in all versions up to, and including, 4.5.5 The parameters are read from $SERVER'QUERYSTRING' via parsestr bypassing WordPress's wpmagicquotes protection, which only covers...
PT-2026-39153
An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. Response headers do not vary on cookies if a session is not modified, but SESSION SAVE EVERY REQUEST is True. A remote attacker can steal a user's session after that user visits a cached public page. Earlier, unsupported Django...
CVE-2026-35192
An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. Response headers do not vary on cookies if a session is not modified, but SESSIONSAVEEVERYREQUEST is True. A remote attacker can steal a user's session after that user visits a cached public page. Earlier, unsupported Django serie...
CVE-2026-35192
An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. Response headers do not vary on cookies if a session is not modified, but SESSIONSAVEEVERYREQUEST is True. A remote attacker can steal a user's session after that user visits a cached public page. Earlier, unsupported Django serie...
PT-2026-37170
Name of the Vulnerable Software and Affected Versions Lemmy versions prior to 0.19.18 Description Lemmy fetches metadata for user-supplied post URLs and, when using the default StoreLinkPreviews image mode, downloads preview images via local pict-rs. While the initial top-level page URL is checke...
CVE-2026-39367 WWBN AVideo has Stored XSS via Malicious EPG XML Program Titles in AVideo EPG Page
WWBN AVideo is an open source video platform. In versions 26.0 and prior, AVideo's EPG Electronic Program Guide feature parses XML from user-controlled URLs and renders programme titles directly into HTML without any sanitization or escaping. A user with upload permission can set a video's epglin...
WordPress Plugin Web Accessibility by accessiBe Information Disclosure Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Web Accessibility by...
CVE-2025-13371
The MoneySpace plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.13.9. This is due to the plugin storing full payment card details PAN, card holder name, expiry month/year, and CVV in WordPress postmeta using base64encode, and then...
WordPress plugin MoneySpace 信息泄露漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. An information...
XWiki view file macro: User can view content of office file without view rights on the attachment
Summary A user with no view rights on a page may see the content of an office attachment displayed with the view file macro. Details If on a public page is displayed an office attachment from a restricted page, a user with no view rights on the restricted page can view the attachment content, no...
EUVD-2024-22151
Malicious code in bioql PyPI...
PoC-Stored-XSS-textpattern-4.8.8-Exploit
Textpattern CMS 4.8.8 — Stored XSS Advisory Title: Stored...
PT-2025-26681 · Advantech +1 · Advantech Wireless Sensing/Equipment +6
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue allows an unauthenticated attacker to upload firmware through a public update page. This could potentially lead to backdoor installation or privilege escalation. Recommendations: A...
CVE-2024-25511
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id parameter at /AddressBook/addresspublicnew.aspx...
CVE-2024-6792
Vulnerability context: CVE-2024-6792 affects the WP ULike WordPress plugin prior to 4.7.2.1. The issue stems from improper sanitization of user display names when rendering on public pages, which is described in Red Hat and Patchstack entries as a subscriber-level stored XSS exposure. Affected so...
SUSE CVE-2021-41179
Nextcloud is an open-source, self-hosted productivity platform. Prior to Nextcloud Server versions 20.0.13, 21.0.5, and 22.2.0, the Two-Factor Authentication wasn't enforced for pages marked as public. Any page marked as @PublicPage could thus be accessed with a valid user session that isn't...
Gitea XSS Vulnerability in Repository Description
Gitea 1.7.2, 1.7.3 is affected by: Cross Site Scripting XSS. The impact is: execute JavaScript in victim's browser, when the vulnerable repo page is loaded. The component is: repository's description. The attack vector is: victim must navigate to public and affected repo page...
CVE-2021-24221
The Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress plugin before 7.1.12 did not sanitise the resultid GET parameter on pages with the qsmresult shortcode without id attribute, concatenating it in a SQL statement and leading to an SQL injection. The lowest role allowed to...