Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 — "Copy Fail": Linux Kernel algifaead Local...

WordPress Like & Share My Site plugin <= 0.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by johska in WordPress Plugin Like & Share My Site versions = 0.2...

WordPress FluentSnippets plugin <= 10.50 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin FluentSnippets versions = 10.50...

WordPress WPComplete plugin <= 2.9.5 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by theviper17 in WordPress Plugin WPComplete versions = 2.9.5...

WordPress YITH PayPal Express Checkout for WooCommerce plugin <= 1.49.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Xuan Chien Patchstack Alliance in WordPress Plugin YITH PayPal Express Checkout for WooCommerce versions = 1.49.0...

WordPress FastBook plugin <= 1.1 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by HLog in WordPress Plugin FastBook versions = 1.1...

WordPress ThemeHunk plugin <= 1.1.2 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by domiee13 in WordPress Plugin ThemeHunk versions = 1.1.2...

PT-2025-23290 · Undefined · Undefined

CVE-2022-26037 - Apache HTTP Server Cross-Site Scripting CVE ID : CVE-2022-26037 Published : May 28, 2025, 5:15 p.m. | 16 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused Severity: 0.0 | NA Visit the link for...

CVE-2025-4575

Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use instead of a rejected use for a certificate. Impact summary: If a user intends to make a trusted certificate rejected for a particular use it will be instead marked as trusted for that use. A copy & paste...

WordPress WP YouTube Video Optimizer plugin <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Gilang in WordPress Plugin WP YouTube Video Optimizer versions = 1.2...

WordPress tarteaucitron.js for WordPress plugin < 0.3.0 - Author+ Stored XSS vulnerability

Author+ Stored XSS vulnerability discovered by Pierre Rudloff in WordPress Plugin tarteaucitron.js for WordPress versions 0.3.0...

Vyper's `slice()` may elide side-effects when output length is 0

Impact the slice builtin can elide side effects when the output length is 0, and the source bytestring is a builtin msg.data or .code. the reason is that for these source locations, the check that length = 1 is skipped:...

Vyper's `concat()` builtin may elide side-effects for zero-length arguments

Impact concat may skip evaluation of side effects when the length of an argument is zero. this is due to a fastpath in the implementation which skips evaluation of argument expressions when their length is zero:...

WordPress Magic Responsive Slider and Carousel WordPress plugin < 1.6 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin Magic Responsive Slider and Carousel WordPress versions 1.6...

WordPress QuickCal plugin <= 1.0.15 - CSRF to Privilege Escalation vulnerability

CSRF to Privilege Escalation vulnerability discovered by Bonds in WordPress Plugin QuickCal - Appointment Booking Calendar for WordPress versions = 1.0.15...

WordPress EasyMe Connect plugin <= 3.0.3 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nabil Irawan in WordPress Plugin EasyMe Connect versions = 3.0.3...

WordPress AHAthat Plugin plugin <= 1.6 - Cross-Site Request Forgery to AHA Page Deletion vulnerability

Cross-Site Request Forgery to AHA Page Deletion vulnerability discovered by Régis SENET in WordPress Plugin AHAthat versions = 1.6...

WordPress Abundatrade Plugin plugin <= 1.8.02 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by johska in WordPress Plugin Abundatrade versions = 1.8.02...

GHSA-8X27-JWJR-8545 SQL injection in ADOdb PostgreSQL driver pg_insert_id() method

Improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a PostgreSQL database and calls pginsertid with user-supplied data. Note that the indicated Severity corresponds to a worst-case usage scenario. Impact PostgreSQL...

WordPress Custom Related Posts plugin <= 1.7.4 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Custom Related Posts versions = 1.7.4...