PT-2026-43644

Improper Validation of Specified Quantity in Input vulnerability in Ads by WPQuads Ads by WPQuads quick-adsense-reloaded allows Input Data Manipulation.This issue affects Ads by WPQuads: from n/a through = 3.0.2...

WordPress Location Weather – WordPress Weather Forecast, AQI, Temperature and Weather Widget plugin <= 3.0.2 - Missing Authorization to Authenticated (Contributor+) Block Settings Modification and Cache Purging vulnerability

Missing Authorization to Authenticated Contributor+ Block Settings Modification and Cache Purging vulnerability discovered by momopon1415 in WordPress Plugin Location Weather versions = 3.0.2...

WordPress plugin wpForo Forum 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

CLEANSTART-2026-EB74978 Security fixes for CVE-2020-8912, CVE-2025-61732, CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-9h8m-3fm2-qjrq, ghsa-p77j-4mvh-x3m3 applied in versions: 3.0.2-r0, 3.0.2-r1

Multiple security vulnerabilities affect the grafana-mimir package. These issues are resolved in later releases. See references for individual vulnerability details...

CVE-2026-4004

The Task Manager plugin for WordPress is vulnerable to arbitrary shortcode execution via the 'search' AJAX action in all versions up to, and including, 3.0.2. This is due to missing capability checks in the callbacksearch function and insufficient input validation that allows shortcode syntax...

Failed to create a restore point: PostgreSQL database operation failed multiple times with transient error.

Challenge After upgrading to Veeam Backup for Microsoft 365 8.2 or 8.3, jobs fail with the erorr: Failed to create a restore point: PostgreSQL database operation failed multiple times with transient error. Cause This issue occurs because various one-time PostgreSQL queries that the software...

PT-2026-27643

Name of the Vulnerable Software and Affected Versions Kea versions 2.6.0 through 2.6.4 Kea versions 3.0.0 through 3.0.2 Description A specially crafted message sent to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemons via an API socket or HA listener can lead to a stack overflow...

CVE-2025-53618

An out-of-bounds read vulnerability exists in the JPEGBITSCodec::InternalCode functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to an information leak. An attacker can provide a malicious file to trigger this vulnerability.The function grayscaleconvert is called base...

EUVD-2025-202036

Missing Authorization vulnerability in Jegstudio Gutenverse News – Advanced News Magazine Blog Gutenberg Blocks Addons gutenverse-news allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gutenverse News – Advanced News Magazine Blog Gutenberg Blocks Addons:...

CVE-2025-54721

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThimPress Resca resca allows Reflected XSS.This issue affects Resca: from n/a through = 3.0.2...

CVE-2024-4390

The Slider and Carousel slider by Depicter plugin for WordPress is vulnerable to Arbitrary Nonce Generation in all versions up to, and including, 3.0.2. This makes it possible for authenticated attackers with contributor access and above, to generate a valid nonce for any WordPress action/functio...

CVE-2023-51065

Incorrect access control in QStar Archive Solutions Release RELEASE3-0 Build 7 Patch 0 allows unauthenticated attackers to obtain system backups and other sensitive information from the QStar Server...

CVE-2022-3025

creationtimestamp| type| source ---|---|--- 2025-05-22 14:44:14+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/17291...

CVE-2023-53038 scsi: lpfc: Check kzalloc() in lpfc_sli4_cgn_params_read()

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Check kzalloc in lpfcsli4cgnparamsread If kzalloc fails in lpfcsli4cgnparamsread, then we rely on lpfcreadobject's routine to NULL check pdata. Currently, an early return error is thrown from lpfcreadobject to protect...

CVE-2023-53020 l2tp: close all race conditions in l2tp_tunnel_register()

In the Linux kernel, the following vulnerability has been resolved: l2tp: close all race conditions in l2tptunnelregister The code in l2tptunnelregister is racy in several ways: 1. It modifies the tunnel socket after publishing it. 2. It calls setupudptunnelsock on an existing socket without...

Advisory ROSA-SA-2025-2689

Software: scipy 1.0.0 OS: ROSA Virtualization 3.0 packageevrstring: scipy-1.0.0-21.0.2 CVE-ID: CVE-2023-29824 BDU-ID: 2024-07432 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the PyFindObjects function of the PyFindObjects library for the open source Python programming language scipy is relat...

CVE-2024-13794

The WP Ghost Hide My WP Ghost – Security & Firewall plugin for WordPress is vulnerable to Login Page Dislcosure in all versions up to, and including, 5.3.02. This is due to the plugin not properly restricting the /wp-register.php path. This makes it possible for unauthenticated attackers to...

Fields GLPI plugin 安全漏洞

Fields GLPI plugin is an open source plugin for GLPI Project Plugins. A security vulnerability exists in the Fields GLPI plugin version 3.0.0 through versions prior to 3.0.3, which stems from an inadequate security check that allows an unauthenticated attacker to determine if data with a specific...

WordPress Plugin Folders Pro 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

CVE-2023-46307

Summary: CVE-2023-46307 affects etcd-browser (build 87ae63d75260). The vulnerability is in server.js and enables a directory traversal by supplying a /../../../ path in the URL in a remote-connection context, allowing retrieval of local operating system files on the remote system. Impact: potenti...