2674 matches found
CVE-2025-31592
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Paolo Melchiorre Send E-mail send-e-mail allows Stored XSS.This issue affects Send E-mail: from n/a through = 1.3...
CVE-2025-31592 WordPress Send E-mail plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Paolo Melchiorre Send E-mail send-e-mail allows Stored XSS.This issue affects Send E-mail: from n/a through = 1.3...
CVE-2025-31592
CVE-2025-31592 is a Stored XSS in the WordPress plugin Send E-mail (
WordPress plugin Send E-mail 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists i...
DEBIAN-CVE-2023-52992
In the Linux kernel, the following vulnerability has been resolved: bpf: Skip task with pid=1 in sendsignalcommon The following kernel panic can be triggered when a task with pid=1 attaches a prog that attempts to send killing signal to itself, also see 1 for more details: Kernel panic - not...
UBUNTU-CVE-2023-52992
In the Linux kernel, the following vulnerability has been resolved: bpf: Skip task with pid=1 in sendsignalcommon The following kernel panic can be triggered when a task with pid=1 attaches a prog that attempts to send killing signal to itself, also see 1 for more details: Kernel panic - not...
UBUNTU-CVE-2022-49754
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix a buffer overflow in mgmtmeshadd Smatch Warning: net/bluetooth/mgmtutil.c:375 mgmtmeshadd error: memcpy 'meshtx-param' too small 48 vs 50 Analysis: 'meshtx-param' is array of size 48. This is the destination. u8...
CVE-2023-52992
CVE-2023-52992 affects the Linux kernel; the vulnerability exists in BPF’s send_signal_common path where a task with pid=1 can trigger a kernel panic (kernel: “Attempted to kill init!”). A fix was applied to skip pid=1 in bpf_send_signal_common(), preventing this panic. Impact is local, with pote...
Dolphin Pro 7.4.2 Cross Site Scripting
Dolphin Pro version 7.4.2 suffers from a persistent cross site scripting vulnerability. Exploit Title: Stored XSS via Send Message Functionality - dolphin.prov7.4.2 Date: 03/2025 Exploit Author: Andrey Stoykov Version: 7.4.2 Date: 03/2025 Tested on: Debian 12 Blog:...
LoLLMs Web UI 代码问题漏洞
LoLLMs Web UI is a web user interface for large languages and multimodal systems by Saifeddine ALOUI Individual Developer. A code issue vulnerability exists in LoLLMs Web UI version v12, which stems from the Send file to AL feature that allows uploading of dangerous files, which could lead to...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from accessing a skb's memory even after it has been sent, potentially leading to reuse after release...
Vulnerabilities of the MODULE_ALIAS() and j1939_send_one() functions (net/can/j1939/main.c) in the Linux operating system kernel, allowing a hacker to trigger a service failure
The vulnerability of the MODULEALIAS and j1939sendone functions net/can/j1939/main.c in the Linux operating system kernel is related to the use of uninitialized resources. Exploiting this vulnerability could allow an attacker to cause a service failure...
WordPress plugin Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin Uncanny Automator - Easy...
PT-2025-11069 · Google · Android
Name of the Vulnerable Software and Affected Versions: bnepu affected versions not specified Description: A use-after-free issue exists in the bnepu check send packet function within bnep utils.cc. This could lead to local escalation of privilege without requiring additional execution privileges ...
PT-2025-11000 · WordPress · The Uncanny Automator – Easy Automation
Name of the Vulnerable Software and Affected Versions: The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin for WordPress versions up to, and including, 6.2 Description: The issue allows authenticated attackers with Administrator-level access and above t...
AutoGPT 代码问题漏洞
AutoGPT is a tool from AutoGPT Open Source. Used to enable everyone to use and build accessible AI. A code issue vulnerability exists in versions prior to AutoGPT autogpt-platform-beta-v0.4.2, which stems from a Send Web Request component that could lead to server-side request forgery...
CVE-2025-23600
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pinal.shah Send to a Friend Addon send-booking-invites-to-friends allows Reflected XSS.This issue affects Send to a Friend Addon: from n/a through = 1.4.1...
CVE-2025-23600 WordPress Send to a Friend Addon plugin <= 1.4.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pinal.shah Send to a Friend Addon allows Reflected XSS. This issue affects Send to a Friend Addon: from n/a through 1.4.1...
CVE-2025-23600 WordPress Send to a Friend Addon plugin <= 1.4.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pinal.shah Send to a Friend Addon send-booking-invites-to-friends allows Reflected XSS.This issue affects Send to a Friend Addon: from n/a through = 1.4.1...
CVE-2025-23600
CVE-2025-23600 is a reflected XSS in the WordPress plugin “Send to a Friend Addon” (versions 1.4.1 and earlier). The root cause is improper neutralization of input during web page generation, allowing attacker-supplied input to be reflected in the page. Affected component: pinal.shah Send to a Fr...