973 matches found
CVE-2025-58055 Discourse AI Suggestions Contain Insecure Direct Object Reference
Discourse is an open-source community discussion platform. In versions 3.5.0 and below, the Discourse AI suggestion endpoints for topic “Title”, “Category”, and “Tags” allowed authenticated users to extract information about topics that they weren’t authorized to access. By modifying the “topicid...
CVE-2025-60163
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Robin W bbp topic count bbp-topic-count allows DOM-Based XSS. This issue affects bbp topic count: from n/a through <= 3.2...
WordPress bbp topic count plugin <= 3.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin bbp topic count versions <= 3.2...
CVE-2025-60163
CVE-2025-60163 corresponds to a Cross-Site Scripting flaw in the WordPress plugin bbp topic count (bbp-topic-count) with authenticated (Contributor+) Stored XSS affecting version up to 3.1. The Wordfence Vulnerability Database entry indicates the issue is present and remains Unpatched. The EUVD E...
CVE-2025-60163 WordPress bbp topic count plugin <= 3.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Robin W bbp topic count bbp-topic-count allows DOM-Based XSS. This issue affects bbp topic count: from n/a through <= 3.2...
WordPress plugin bbp topic count cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-39605
Name of the Vulnerable Software and Affected Versions: Robin W bbp topic count versions through 3.1. Description: The software contains a flaw related to improper input handling during web page generation, specifically a DOM-Based Cross-site Scripting issue. This allows for potential malicious code...
CVE-2025-10820
A vulnerability was detected in fuyanglipengjun platform 1.0. Impacted is the function TopicController of the file /topic/queryAll. The manipulation results in improper authorization. The attack can be executed remotely. The exploit is now public and may be used...
CVE-2025-10821
A flaw has been found in fuyanglipengjun platform 1.0. The affected element is the function TopicCategoryController of the file /topiccategory/queryAll. This manipulation causes improper authorization. The attack is possible to be carried out remotely. The exploit has been published and may be us...
CVE-2025-10821 fuyang_lipengjun platform queryAll TopicCategoryController improper authorization
A flaw has been found in fuyanglipengjun platform 1.0. The affected element is the function TopicCategoryController of the file /topiccategory/queryAll. This manipulation causes improper authorization. The attack is possible to be carried out remotely. The exploit has been published and may be us...
CVE-2025-10820 fuyang_lipengjun platform queryAll TopicController improper authorization
A vulnerability was detected in fuyanglipengjun platform 1.0. Impacted is the function TopicController of the file /topic/queryAll. The manipulation results in improper authorization. The attack can be executed remotely. The exploit is now public and may be used...
CVE-2025-10820
CVE-2025-10820 affects the fuyang_lipengjun platform 1.0, specifically the TopicController function in /topic/queryAll. The vulnerability results from improper authorization, enabling remote exploitation. Public exploits exist, and multiple sources (Red Hat, CVEs and vulnerability trackers) corro...
Weitong Mall authorization issue vulnerability
Weitong Mall is a shopping mall system developed by fuyanglipengjun. Weitong Mall version 1.0 has an authorization issue vulnerability, the vulnerability stems from improper authorization of the TopicCategoryController function in the file /topiccategory/queryAll, which may lead to remote attacks...
PT-2025-39088
Name of the Vulnerable Software and Affected Versions: fuyang lipengjun platform version 1.0. Description: An improper authorization issue exists in the TopicCategoryController function within the /topiccategory/queryAll file of the fuyang lipengjun platform. This allows for remote attacks. The...