MAL-2025-18303 Malicious code in des-responsive-framework (npm)

The package des-responsive-framework was found to contain malicious code...

Malicious code in responsive-dashboard (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 4afdda2858edbdcc921f3ba82cbd2e348994eb5d31b6a87f4487dd774ee554f7 The OpenSSF Package Analysis project identified 'responsive-dashboard' @ 2.0.0 npm as malicious. It is considered malicious because: - The packa...

MAL-2025-6876 Malicious code in responsive-dashboard (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 4afdda2858edbdcc921f3ba82cbd2e348994eb5d31b6a87f4487dd774ee554f7 The OpenSSF Package Analysis project identified 'responsive-dashboard' @ 2.0.0 npm as malicious. It is considered malicious because: - The packa...

CVE-2025-52728 WordPress Responsive Posts Carousel WordPress Plugin Plugin <= 15.0 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WebCodingPlace Responsive Posts Carousel Pro responsive-posts-carousel-pro allows PHP Local File Inclusion.This issue affects Responsive Posts Carousel Pro: from n/a through = 15...

CVE-2025-52728

CVE-2025-52728 is a PHP Local File Inclusion vulnerability in the WordPress plugin “Responsive Posts Carousel Pro” (affected: versions up to 15.0), caused by improper control of filenames used in include/require statements. The issue enables inclusion of local files via crafted input. Connected s...

CVE-2025-52728 WordPress Responsive Posts Carousel WordPress Plugin Plugin <= 15.0 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WebCodingPlace Responsive Posts Carousel WordPress Plugin allows PHP Local File Inclusion. This issue affects Responsive Posts Carousel WordPress Plugin: from n/a through 15.0...

CVE-2025-8690

The Simple Responsive Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inje...

PT-2025-33209 · WordPress · Webcodingplace Responsive Posts Carousel

Name of the Vulnerable Software and Affected Versions: WebCodingPlace Responsive Posts Carousel WordPress Plugin versions through 15.0 Description: The vulnerability involves improper control of filename handling for include/require statements in a PHP program, specifically a PHP Local File...

WordPress plugin Responsive Posts Carousel WordPress Plugin Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

WordPress Responsive Posts Carousel WordPress Plugin Plugin <= 15.0 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin Responsive Posts Carousel Pro versions = 15.0...

CVE-2025-8793

A vulnerability classified as problematic was found in LitmusChaos Litmus up to 3.19.0. Affected by this vulnerability is an unknown functionality. The manipulation of the argument projectID leads to improper control of resource identifiers. The attack can be launched remotely. The exploit has be...

CVE-2025-8690

The Simple Responsive Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inje...

CVE-2025-8690 Simple Responsive Slider <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Simple Responsive Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inje...

PT-2025-32622 · WordPress · Simple Responsive Slider

Name of the Vulnerable Software and Affected Versions: Simple Responsive Slider versions prior to 2.0 Description: The Simple Responsive Slider plugin for WordPress is susceptible to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping. This allows authenticated...

Linux Distros Unpatched Vulnerability : CVE-2021-23995

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been...

Linux Distros Unpatched Vulnerability : CVE-2021-47271

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: usb: cdnsp: Fix deadlock issue in cdnspthreadirqhandler Patch fixes the following critical...

CVE-2025-8816

CVE-2025-8816 affects Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 routers. The vulnerability is a stack-based buffer overflow in the /goform/setOpMode function when the ethConv argument is manipulated, allowing remote execution. Exploitation is publicly disclosed per the source descriptions...

CVE-2025-8774

A vulnerability has been found in riscv-boom SonicBOOM up to 2.2.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component L1 Data Cache Handler. The manipulation leads to observable timing discrepancy. Local access is required to approach this...

CVE-2025-8745

A vulnerability, which was classified as problematic, has been found in Weee RICEPO App 6.17.77 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.ricepo.app. The manipulation leads to improper export of android application components. An...

PT-2025-32414 · Unknown · Macrozheng Mall

Name of the Vulnerable Software and Affected Versions: macrozheng mall version 1.0.3 Description: A problematic issue exists within the Admin Login component, leading to improper restriction of excessive authentication attempts. The attack can be launched remotely and is considered difficult to...