CVE-2025-39410

Deserialization of Untrusted Data vulnerability in themegusta Smart Sections Theme Builder - WPBakery Page Builder Addon.This issue affects Smart Sections Theme Builder - WPBakery Page Builder Addon: from n/a through 1.7.8...

CVE-2025-39410

CVE-2025-39410 describes a deserialization of untrusted data vulnerability in the WordPress plugin “Smart Sections Theme Builder – WPBakery Page Builder Addon” (versions up to 1.7.8). Public data in the connected documents confirms a PHP Object Injection flaw that affects this addon, with CVSS v3...

CVE-2025-39410 WordPress Smart Sections Theme Builder - WPBakery Page Builder Addon plugin <= 1.7.8 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in themegusta Smart Sections Theme Builder - WPBakery Page Builder Addon.This issue affects Smart Sections Theme Builder - WPBakery Page Builder Addon: from n/a through 1.7.8...

CVE-2025-39410 WordPress Smart Sections Theme Builder - WPBakery Page Builder Addon plugin <= 1.7.8 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in themegusta Smart Sections Theme Builder - WPBakery Page Builder Addon.This issue affects Smart Sections Theme Builder - WPBakery Page Builder Addon: from n/a through 1.7.8...

WordPress plugin Smart Sections Theme Builder - WPBakery Page Builder Addon 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. WordPress plugin Smart Sections Theme...

PT-2025-22078 · Unknown · Smart Sections Theme Builder

Name of the Vulnerable Software and Affected Versions: Smart Sections Theme Builder - WPBakery Page Builder Addon versions 1.7.8 and earlier Description: The issue is related to the deserialization of untrusted data in the Smart Sections Theme Builder - WPBakery Page Builder Addon. This could...

Incorrect Authorization

Overview moodle/moodle is a learning platform. Affected versions of this package are vulnerable to Incorrect Authorization due to improper permission checks in the AJAX section delete functionality. An attacker can delete course sections without having the necessary permissions by exploiting this...

UBUNTU-CVE-2025-3644

A flaw was found in Moodle. Additional checks were required to prevent users from deleting course sections they did not have permission to modify...

CVE-2025-3644

CVE-2025-3644 : A flaw in Moodle allows a user to delete course sections without proper modify permissions. The connected sources confirm Moodle as affected, citing insufficient permission checks as the root cause; the available details do not specify affected versions beyond Moodle in general, n...

Moodle 安全漏洞

Moodle is a free e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A security vulnerability exists in Moodle, which stems from a lack of a checking mechanism that can be exploited by an attacker to delete sections o...

PT-2025-17919

Name of the Vulnerable Software and Affected Versions Moodle affected versions not specified Description A flaw was found in the software, where additional checks were required to prevent users from deleting course sections they did not have permission to modify. Recommendations At the moment,...

CVE-2025-25615

Unifiedtransform 2.0 is vulnerable to Incorrect Access Control which allows viewing attendance list for all class sections...

CVE-2025-25615

Unifiedtransform 2.0 is vulnerable to Incorrect Access Control which allows viewing attendance list for all class sections...

CVE-2025-25615

Unifiedtransform 2.0 is affected by an incorrect access control vulnerability that allows viewing attendance lists for all class sections. The issue is a confidentiality-related flaw in access control, enabling unauthorized exposure of attendance data without exploitation details provided in the ...

Linux Distros Unpatched Vulnerability : CVE-2024-47724

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: use work queue to process beacon tx event Commit 3a415daa3e8b wifi: ath11k: ad...

CVE-2020-6149

A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. To trigger this vulnerability, the victim needs to open an attacker-provided malformed file in an instance in USDC file format PATHS section...

Malicious code in spicy-sections (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d1219a9ef68604ee2328197a68dbfe365cc32084933ca9ca0eff24d191dbb91d Any computer that has this package installed or running should be considered...

MAL-2025-1051 Malicious code in spicy-sections (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d1219a9ef68604ee2328197a68dbfe365cc32084933ca9ca0eff24d191dbb91d Any computer that has this package installed or running should be considered...

SUSE CVE-2024-57945

In the Linux kernel, the following vulnerability has been resolved: riscv: mm: Fix the out of bound issue of vmemmap address In sparse vmemmap model, the virtual address of vmemmap is calculated as: struct page VMEMMAPSTART - physrambase PAGESHIFT. And the struct page's va can be calculated with ...

GHSA-R279-47WG-CHPR XWiki allows RCE from script right in configurable sections

Impact Any user with script rights can perform arbitrary remote code execution by adding instances of XWiki.ConfigurableClass to any page. This compromises the confidentiality, integrity and availability of the whole XWiki installation. To reproduce on a instance, as a user with script rights, ed...