CVE-2025-53935 WeGIA vulnerable to Reflected Cross-Site Scripting via endpoint `personalizacao_selecao.php` parameter `id`

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the personalizacaoselecao.php endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers...

CVE-2019-15863

The ConvertPlus plugin before 3.4.5 for WordPress has an unintended account creation with the none role via a request for variants...