13 matches found

vulnersOsv
added 2026/05/08 8:20 p.m. · 6 views

aratinga (=0.1.0a0.dev3), coop (>=7.1.0 <=7.2.1) +7 more potentially affected by CVE-2026-44199 via wagtail (>=7.1.0 <=7.2.3)

wagtail PYPI version =7.1.0, =7.1.0, =1.1.1, =2.0.0, =0.0.1, =7.1.0a1, =7.2.0b0 Source cves: CVE-2026-44199 Source advisory: OSV:GHSA-PWM3-7FV4-G6XX...

6.5 CVSS · 5.8 AI score · 0.00174 EPSS
Exploits 0
CVE
added 2026/03/05 6:58 p.m. · 15 views

CVE-2026-28222

Wagtail CVE-2026-28222 is a stored XSS affecting TableBlock in StreamField. Prior to versions 6.3.8, 7.0.6, 7.2.3, and 7.3.1, an attacker with page creation/edit permissions could craft TableBlock class attributes that render arbitrary JavaScript when viewed by higher-privilege users. This is not...

6.1 CVSS · 5.8 AI score · 0.00418 EPSS
Exploits 0 · References 9 · Affected Software 1
CNNVD
added 2025/03/27 12:00 a.m. · 2 views

WordPress plugin Conversios.io security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plug-in. A security...

4.3 CVSS · 8.5 AI score · 0.00287 EPSS
Exploits 0 · References 2
Circl
added 2025/03/25 1:24 a.m. · 2 views

CVE-2025-2723

creationtimestamp | type | source
---|---|---
2025-03-25 01:24:07+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/8578
2025-03-25 02:46:02+00:00 | seen | https://t.me/cvedetector/21014
...

5.5 AI score
Exploits 0 · References 2
CNNVD
added 2024/04/18 12:00 a.m. · 3 views

WordPress Plugin Really Simple SSL code issue vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A code issue vulnerability exists in WordPress Plugin...

5.5 CVSS · 6.8 AI score · 0.0033 EPSS
Exploits 0 · References 2
OSV
added 2023/10/10 5:15 p.m. · 1 views

CVE-2023-44249

An authorization bypass through user-controlled key (CWE-639) vulnerability in Fortinet FortiManager version 7.4.0 and before 7.2.3 and FortiAnalyzer version 7.4.0 and before 7.2.3 allows a remote attacker with low privileges to read sensitive information via crafted HTTP requests...

6.5 CVSS · 5.8 AI score · 0.00872 EPSS
Exploits 0 · References 2
Positive Technologies
added 2023/10/10 12:00 a.m. · 4 views

PT-2023-5994 · Fortinet · Fortimanager +1

Name of the Vulnerable Software and Affected Versions:
Fortinet FortiManager versions 7.4.0 and before 7.2.3
Fortinet FortiAnalyzer versions 7.4.0 and before 7.2.3
Description: The issue is related to the implementation of client-side security features. It may allow a remote attacker with low...

6.8 CVSS · 7.1 AI score · 0.01372 EPSS
Exploits 1 · References 6
OSV
added 2023/03/07 5:15 p.m. · 4 views

CVE-2022-45861

An access of uninitialized pointer vulnerability (CWE-824) in the SSL VPN portal of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.11 and FortiProxy version 7.2.0 through 7.2.1, version 7.0.0 through 7.0.7 and before 2.0.11 allows a remote authenticated...

6.5 CVSS · 5.8 AI score
Exploits 0 · References 1
OSV
added 2023/02/01 6:15 p.m. · 2 views

CVE-2023-22283

On versions beginning in 7.1.5 to before 7.2.3.1, a DLL hijacking vulnerability exists in the BIG-IP Edge Client for Windows. User interaction and administrative privileges are required to exploit this vulnerability because the victim user needs to run the executable on the system and the attacke...

6.5 CVSS · 6.7 AI score · 0.00197 EPSS
Exploits 0 · References 1
Positive Technologies
added 2022/12/14 12:00 a.m. · 5 views

PT-2022-20714 · Proxmox · Proxmox Virtual Environment

Name of the Vulnerable Software and Affected Versions:
Proxmox Virtual Environment versions prior to 7.2-3
Description: A reflected cross-site scripting (XSS) issue allows remote attackers to execute arbitrary web scripts or HTML via non-existent endpoints under the path "/api2/html/". This enables...

9 CVSS · 8.2 AI score · 0.01273 EPSS
Exploits 1 · References 8
CNNVD
added 2022/09/28 12:00 a.m. · 2 views

b2evolution security feature issue vulnerability

b2evolution is a community content management system based on PHP and MySQL. A security signature issue vulnerability exists in b2evolution 7.2.3 and earlier versions, which stems from the ability to predict any user's password through the use of a bad random function, which can be exploited by a...

9.1 CVSS · 8.2 AI score · 0.01037 EPSS
Exploits 0 · References 4
Positive Technologies
added 2022/01/02 12:00 a.m. · 3 views

PT-2022-10543 · Unknown · Enc Datavault Oem +1

Name of the Vulnerable Software and Affected Versions:
ENC DataVault versions 7.2.3 and before
ENC DataVault OEM versions
Description: The issue concerns the use of an encryption algorithm that is vulnerable to data manipulation, known as ciphertext malleability, without requiring knowledge of th...

6.4 CVSS · 4.2 AI score · 0.00486 EPSS
Exploits 0 · References 7
CNVD
added 2018/04/27 12:00 a.m. · 2 views

IBM QRadar SIEM Cross-Site Scripting Vulnerability (CNVD-2018-08913)

IBM Security QRadar SIEM is an IBM USA solution that consolidates log-sourced event data from thousands of devices and applications dispersed throughout the network. The solution stores each event in its raw form and then performs instant correlation of events to differentiate between actual...

6.1 CVSS · 6.4 AI score · 0.00683 EPSS
Exploits 0 · References 1