CVE-2026-39608

Missing Authorization vulnerability in iPOSPays iPOSpays Gateways WC ipospays-gateways-wc allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iPOSpays Gateways WC: from n/a through = 1.3.7...

CVE-2026-39608

Missing Authorization vulnerability in iPOSPays iPOSpays Gateways WC ipospays-gateways-wc allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iPOSpays Gateways WC: from n/a through = 1.3.7...

EUVD-2026-10310

Improper Input Validation vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.7, from 2.0.0 before 2.0.7. Users are recommended to upgrade to version 1.3.7 or 2.0.7, which fixes the issue...

GHSA-74CF-PGH9-M5Q2 Apache IoTDB has an Insecure Default Configuration Vulnerability

A vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.7, from 2.0.0 before 2.0.7. Users are recommended to upgrade to version 1.3.7 or 2.0.7, which fixes the issue...

CVE-2026-24713

Improper Input Validation vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.7, from 2.0.0 before 2.0.7. Users are recommended to upgrade to version 1.3.7 or 2.0.7, which fixes the issue...

CVE-2026-24713 Apache IoTDB: JEXL Expression Injection Vulnerability

Improper Input Validation vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.7, from 2.0.0 before 2.0.7. Users are recommended to upgrade to version 1.3.7 or 2.0.7, which fixes the issue...

CVE-2026-24713

Improper Input Validation vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.7, from 2.0.0 before 2.0.7. Users are recommended to upgrade to version 1.3.7 or 2.0.7, which fixes the issue...

CVE-2026-24015 Apache IoTDB: Insecure Default Configuration Vulnerability

A vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.7, from 2.0.0 before 2.0.7. Users are recommended to upgrade to version 1.3.7 or 2.0.7, which fixes the issue...

CVE-2026-24015 Apache IoTDB: Insecure Default Configuration Vulnerability

A vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.7, from 2.0.0 before 2.0.7. Users are recommended to upgrade to version 1.3.7 or 2.0.7, which fixes the issue...

Security Bulletin: IBM Aspera faspio Gateway 1.3.7 has addressed a vulnerability affected by weak cryptographic algorithms

Summary Aspera faspio Gateway uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information Vulnerability Details CVEID:CVE-2025-14480 DESCRIPTION: Aspera faspio Gateway uses weaker than expected cryptographic algorithms that could allow an...

PT-2025-54355

Name of the Vulnerable Software and Affected Versions MyD Delivery versions through 1.3.7 Description An authorization bypass exists in Eduardo Villão MyD Delivery due to incorrectly configured access control security levels. This allows exploitation through a user-controlled key. Recommendations...

CVE-2025-31803 WordPress Turisbook Booking System plugin <= 1.3.7 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Neteuro Turisbook Booking System allows Stored XSS. This issue affects Turisbook Booking System: from n/a through 1.3.7...

PT-2024-38214 · WordPress · Yayextra – Woocommerce Extra Product Options

Name of the Vulnerable Software and Affected Versions: YayExtra – WooCommerce Extra Product Options plugin for WordPress versions up to, and including, 1.3.7 Description: The issue is related to arbitrary file uploads due to missing file type validation in the handle upload file function. This...

CVE-2024-5468

The WordPress Header Builder Plugin – Pearl plugin for WordPress is vulnerable to unauthorized site option deletion due to a missing validation and capability checks on the stmhbdelete function in all versions up to, and including, 1.3.7. This makes it possible for unauthenticated attackers to...

PT-2023-10171 · Bestwebsoft · Bestwebsoft Twitter Plugin

Name of the Vulnerable Software and Affected Versions: BestWebSoft Twitter Plugin versions up to 1.3.2 Description: A vulnerability was found in the BestWebSoft Twitter Plugin. It affects the function twttr settings page of the file twitter.php. The manipulation of the argument twttr url...

kodbox 安全漏洞

kodbox is a network file manager. A security vulnerability exists in kodbox versions 1.2.x through 1.3.7, which stems from the presence of sensitive information disclosure issues...

CVE-2022-25614

Cross-Site Request Forgery CSRF in StylemixThemes eRoom – Zoom Meetings & Webinar WordPress plugin = 1.3.7 allows an attacker to Sync with Zoom Meetings...

CVE-2022-25614

Cross-Site Request Forgery CSRF in StylemixThemes eRoom – Zoom Meetings & Webinar WordPress plugin = 1.3.7 allows an attacker to Sync with Zoom Meetings...