PT-2025-45071

Name of the Vulnerable Software and Affected Versions AI Engine plugin for WordPress versions prior to 3.1.4 AI Engine versions 2.8.x and 2.9.x prior to 2.9.5 Description The AI Engine plugin for WordPress has a Sensitive Information Exposure issue via the /mcp/v1/ REST API endpoint. When the...

CVE-2025-46554

XWiki is a generic wiki platform. In versions starting from 1.8.1 to before 14.10.22, from 15.0-rc-1 to before 15.10.12, from 16.0.0-rc-1 to before 16.4.3, and from 16.5.0-rc-1 to before 16.7.0, anyone can access the metadata of any attachment in the wiki using the wiki attachment REST endpoint...

CVE-2024-58130

In app/Controller/Component/RestResponseComponent.php in MISP before 2.4.193, REST endpoints have a lack of sanitization for non-JSON responses...

PT-2022-13287 · WordPress · Mapsvg Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: MapSVG WordPress plugin versions prior to 6.2.20 Description: The issue concerns a SQL Injection that can be exploited by unauthenticated users due to the lack of validation and escaping of a parameter used in a SQL statement via a REST...