1208 matches found
CVE-2023-2181
An issue has been discovered in GitLab affecting all versions before 15.9.8, 15.10.0 before 15.10.7, and 15.11.0 before 15.11.3. A malicious developer could use a git feature called refs/replace to smuggle content into a merge request which would not be visible during review in the UI...
CVE-2023-0329
The Elementor Website Builder WordPress plugin before 3.12.2 does not properly sanitize and escape the Replace URL parameter in the Tools module before using it in a SQL statement, leading to a SQL injection exploitable by users with the Administrator role...
CVE-2023-5322
UNSUPPORTED WHEN ASSIGNED. A vulnerability was found in D-Link DAR-7000 up to 20151231. It has been rated as critical. Affected by this issue is some unknown functionality of the file /sysmanage/editmanageadmin.php. The manipulation of the argument id leads to SQL injection. The attack may be...
CVE-2022-1472
The Better Find and Replace WordPress plugin before 1.3.6 does not properly sanitise, validate and escape various parameters before using them in an SQL statement, leading to an SQL Injection...
CVE-2022-1218
The Domain Replace WordPress plugin through 1.3.8 does not sanitise and escape a parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting...
CVE-2022-2554
The Enable Media Replace WordPress plugin before 4.0.0 does not ensure that renamed files are moved to the Upload folder, which could allow high privilege users such as admin to move them outside to the web root directory via a path traversal attack for example...
CVE-2022-2593
The Better Search Replace WordPress plugin before 1.4.1 does not properly sanitise and escape table data before inserting it into a SQL query, which could allow high privilege users to perform SQL Injection attacks...
CVE-2021-37364
OpenClinic GA 5.194.18 is affected by Insecure Permissions. By default the Authenticated Users group has the modify permission to openclinic folders/files. A low privilege account is able to rename mysqld.exe or tomcat8.exe files located in bin folders and replace with a malicious file that would...
kernel: net: sched: fix use-after-free in taprio_change()
In the Linux kernel, the following vulnerability has been resolved: net: sched: fix use-after-free in taprio_change(). In 'taprio_change()', 'admin' pointer may become dangling due to sched switch / removal caused by 'advance_sched()', and critical section protected by 'q->current_entry_lock' is too small to...
CVE-2025-47483
Server-Side Request Forgery (SSRF) vulnerability in Iulia Cazan Easy Replace Image (easy-replace-image) allows Server Side Request Forgery. This issue affects Easy Replace Image: from n/a through <= 3.5.0...
PT-2025-27681
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A possible deadlock in the macb halt tx function has been identified. This issue occurs when, after setting THALT high, TGO stays high as well, causing jiffies to never be updated due ...
CVE-2025-47483
CVE-2025-47483 is a SSRF vulnerability in the WordPress plugin Easy Replace Image (versions
CVE-2025-47483 WordPress Easy Replace Image <= 3.5.0 - Server Side Request Forgery (SSRF) Vulnerability
Server-Side Request Forgery (SSRF) vulnerability in Iulia Cazan Easy Replace Image allows Server Side Request Forgery. This issue affects Easy Replace Image: from n/a through 3.5.0...
CVE-2025-47483 WordPress Easy Replace Image plugin <= 3.5.0 - Server Side Request Forgery (SSRF) Vulnerability
Server-Side Request Forgery (SSRF) vulnerability in Iulia Cazan Easy Replace Image (easy-replace-image) allows Server Side Request Forgery. This issue affects Easy Replace Image: from n/a through <= 3.5.0...
WordPress Easy Replace Image plugin <= 3.5.0 - Server Side Request Forgery (SSRF) Vulnerability
Server Side Request Forgery (SSRF) Vulnerability discovered by theviper17 in WordPress Plugin Easy Replace Image versions <= 3.5.0...
PT-2025-20110 · Unknown · Iulia Cazan Easy Replace Image
Name of the Vulnerable Software and Affected Versions: Iulia Cazan Easy Replace Image versions prior to 3.5.0. Description: The issue is related to a Server-Side Request Forgery (SSRF) vulnerability, which allows for Server Side Request Forgery. Recommendations: For versions prior to 3.5.0, update t...
WordPress plugin Easy Replace Image code issue vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A code issue vulnerability...
UBUNTU-CVE-2024-58237
In the Linux kernel, the following vulnerability has been resolved: bpf: consider that tail calls invalidate packet pointers. Tail-called programs could execute any of the helpers that invalidate packet pointers. Hence, conservatively assume that each tail call invalidates packet pointers. Making...
PT-2025-19761 · WordPress · External Image Replace Plugin
Name of the Vulnerable Software and Affected Versions: External image replace plugin for WordPress versions up to, and including, 1.0.8. Description: The issue is related to missing file type validation in the external_image_replace_get_posts::replace_post function, allowing authenticated attacker...