10 matches found
CVE-2026-13489
The CVE-2026-13489 entry describes a vulnerability in 78 xiaozhi-esp32
CVE-2026-25344 WordPress Review Schema plugin <= 2.2.6 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in RadiusTheme Review Schema review-schema allows Retrieve Embedded Sensitive Data.This issue affects Review Schema: from n/a through = 2.2.6...
CVE-2026-27541
Incorrect Privilege Assignment vulnerability in Josh Kohlbach Wholesale Suite woocommerce-wholesale-prices allows Privilege Escalation.This issue affects Wholesale Suite: from n/a through = 2.2.6...
GHSA-59PP-R3RG-353G Composer is vulnerable to ANSI sequence injection
Impact Attackers controlling remote sources that Composer downloads from might in some way inject ANSI control characters in the terminal output of various Composer commands, causing mangled output and potentially leading to confusion or DoS of the terminal application. There is no proven exploit...
CVE-2025-58829 WordPress Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One plugin <= 2.3.3 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery SSRF vulnerability in aitool Ai Auto Tool Content Writing Assistant Gemini Writer, ChatGPT All in One ai-auto-tool allows Server Side Request Forgery.This issue affects Ai Auto Tool Content Writing Assistant Gemini Writer, ChatGPT All in One: from n/a through = 2.3.3...
CVE-2025-48958
CVE-2025-48958 affects Froxlor before version 2.2.6, where an HTML Injection vulnerability in the Customer Account Portal (email section) allows injected HTML via user input in the domain field. Adversaries can cause phishing-style redirects to external sites, enabling credential theft and reputa...
CVE-2024-10869
The WordPress Brute Force Protection – Stop Brute Force Attacks plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 2.2.6. This makes it possible for...
CVE-2023-39022
oscore v2.2.6 and below was discovered to contain a code injection vulnerability in the component com.opensymphony.util.EJBUtils.createStateless. This vulnerability is exploited via passing an unchecked argument...
GHSA-69JQ-QR7W-J7QH FlowiseAI Flowise arbitrary file upload vulnerability
FlowiseAI Flowise v2.2.6 was discovered to contain an arbitrary file upload vulnerability in /api/v1/attachments...
WordPress WP Human Resource Management plugin has a security vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Human Resource Management plugin is a human resource management plugin used in it. A security vulnerability exists in the WordPress WP...