CVE-2026-1993

CVE-2026-1993 describes an vulnerability in the ExactMetrics – Google Analytics Dashboard for WordPress plugin. Affected versions 7.1.0 through 9.0.2 suffer from Improper Privilege Management: the update_settings() function accepts arbitrary plugin setting names without a whitelist of allowed nam...

PT-2022-20738 · WordPress · Wordfence Security – Firewall & Malware Scan

Name of the Vulnerable Software and Affected Versions: Wordfence Security – Firewall & Malware Scan plugin for WordPress versions up to and including 7.6.0 Description: The issue allows authenticated users with administrative privileges to inject malicious web scripts into a setting on the option...

HP ThinPro OS Connection Settings Option Privileged Access Vulnerability

HP ThinPro OS is a thin client operating system. A security vulnerability in HP ThinPro OS's handling of connection setup options when processing command line arguments allows attackers to exploit the vulnerability to elevate privileges...

Opera Skinned & Opera Directory Traversal (Additional Details & a Simple Exploit)

Opera Skinned & Opera Directory Traversal Additional Details & a Simple Exploit: ================================================================================== ADDITIONAL DETAILS: While installing Opera, if the "USE SEPARATE SETTINGS FOR EACH USER" option is selected, the "opera7/profile"...