JLSEC-2026-365

A potential memory leak issue was discovered in SDL2 in GLESCreateTexture function in SDLrendergles.c. The vulnerability allows an attacker to cause a denial of service attack. The vulnerability affects SDL2 v2.0.4 and above. SDL-1.x are not affected...

CVE-2025-66135 WordPress Imager for Elementor plugin <= 2.0.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in merkulove Imager for Elementor imager-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Imager for Elementor: from n/a through = 2.0.4...

CVE-2025-68578 WordPress Addonify plugin <= 2.0.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Addonify Addonify addonify-quick-view allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Addonify: from n/a through = 2.0.4...

CVE-2025-10176

The CVE-2025-10176 entry concerns The Hack Repair Guy's Plugin Archiver for WordPress, with ARBITRARY FILE DELETION in prepare_items across versions up to 2.0.4. The issue arises from insufficient file path validation, enabling authenticated users with Administrator-level access to delete arbitra...

PT-2025-37355

Name of the Vulnerable Software and Affected Versions: The Hack Repair Guy's Plugin Archiver plugin for WordPress versions up to and including 2.0.4 Description: The Plugin Archiver plugin for WordPress is susceptible to arbitrary file deletion due to inadequate file path validation within the...

Improper Neutralization

Overview Affected versions of this package are vulnerable to Improper Neutralization via the handling of SMTP message input. An attacker can inject arbitrary SMTP commands by supplying specially crafted input containing carriage return and line feed characters. Remediation Upgrade...

CVE-2022-29358

epub2txt2 v2.04 was discovered to contain an integer overflow via the function bug in parsespecialtag at sxmlc.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted XML file...

CVE-2025-32598

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Table Builder WP Table Builder allows Reflected XSS. This issue affects WP Table Builder: from n/a through 2.0.4...

CVE-2025-32120 WordPress Easy Query – WP Query Builder plugin <= 2.0.4 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in edanzer Easy Query – WP Query Builder easy-query allows Blind SQL Injection.This issue affects Easy Query – WP Query Builder: from n/a through = 2.0.4...

USN-7406-4: Linux kernel (Azure FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - SMB network file system; - Network namespace; - Networking core; CVE-2024-26928, CVE-2024-56658,...

CVE-2025-1938

Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firef...

PT-2025-3932 · WordPress · The Buzz Club – Night Club

Name of the Vulnerable Software and Affected Versions: The Buzz Club – Night Club, DJ and Music Festival Event WordPress Theme versions up to, and including, 2.0.4 Description: The issue allows unauthorized modification of data, potentially leading to a denial of service. This is due to a missing...

PT-2025-1784 · WordPress · Woocommerce Check Pincode/Zipcode For Shipping Plugin

Name of the Vulnerable Software and Affected Versions: Woocommerce check pincode/zipcode for shipping plugin for WordPress versions up to, and including, 2.0.4 Description: The issue is due to missing or incorrect nonce validation, making it possible for unauthenticated attackers to inject...

WordPress plugin Themify Audio Dock 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2024-27404 · Kodezen Limited · Academy Lms

Name of the Vulnerable Software and Affected Versions: Academy LMS versions 2.0.4 and earlier Description: The issue is related to a URL Redirection to Untrusted Site, also known as an 'Open Redirect' vulnerability, in Kodezen Limited Academy LMS. This vulnerability allows for redirection to...

WBSAirback Cross-Site Request Forgery Vulnerability

WBSAirback is a next generation storage and backup system from WBSAirback. A cross-site request forgery vulnerability exists in WBSAirback version 21.02.04, which can be exploited by an attacker to forge a malicious request to trick a victim into clicking on it to perform a sensitive operation...

UBUNTU-CVE-2022-4743

A potential memory leak issue was discovered in SDL2 in GLESCreateTexture function in SDLrendergles.c. The vulnerability allows an attacker to cause a denial of service attack. The vulnerability affects SDL2 v2.0.4 and above. SDL-1.x are not affected...

PT-2022-23253 · Centreon · Centreon

Name of the Vulnerable Software and Affected Versions: Centreon version 22.04.0 Description: The issue is related to a Cross Site Scripting XSS attack. It can be exploited from the function Pollers Broker Configuration by adding a crafted payload into the name parameter. This allows for the...

PYSEC-2021-380

Ops CLI version 2.0.4 and earlier is affected by a Deserialization of Untrusted Data vulnerability to achieve arbitrary code execution when the checkoutrepo function is called on a maliciously crafted file. An attacker can leverage this to execute arbitrary code on the victim machine...

PHP Scripts Mall hotel-booking-script Denial of Service Vulnerability

PHP Scripts Mall hotel-booking-script is a hotel booking system script by PHP Scripts Mall India, which includes features like advanced CMS management, review management and booking management. A denial of service vulnerability exists in PHP Scripts Mall hotel-booking-script version 2.0.4, which...