14 matches found
CVE-2026-57687 WordPress Custom Field Template plugin <= 2.7.8 - SQL Injection vulnerability
Contributor SQL Injection in Custom Field Template = 2.7.8 versions...
WordPress WP Migrate Lite plugin <= 2.7.8 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin WP Migrate Lite versions = 2.7.8...
CVE-2020-27813
creationtimestamp| type| source ---|---|--- 2026-04-07 15:02:10+00:00| seen| https://t.me/codebysec/9952...
CVE-2025-13790 Scada-LTS cross-site request forgery
A vulnerability was determined in Scada-LTS up to 2.7.8.1. This impacts an unknown function. This manipulation causes cross-site request forgery. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure...
CVE-2025-49939
CVE-2025-49939 concerns the WordPress plugin JetElements For Elementor (component: jet-elements ) with versions up to and including 2.7.8. The issue is a Stored Cross-Site Scripting (XSS) vulnerability caused by improper neutralization of input during web page generation. The impact, as stated, i...
WordPress plugin JetElements For Elementor 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A cross-site scriptin...
CVE-2025-40979
DLL search order hijacking vulnerability in the wave.exe executable for Windows 11, version 1.27.8. Exploitation of this vulnerability could allow attackers with local access to execute arbitrary code by placing an arbitrary file in the 'C:\Users\AppData\Local\Temp' directory, which could lead to...
WordPress JetElements For Elementor plugin <= 2.7.8 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by stealthcopter in WordPress Plugin JetElements For Elementor versions = 2.7.8...
PT-2024-8682 · Scada-Lts · Scada-Lts
Name of the Vulnerable Software and Affected Versions: Scada-LTS version 2.7.8 Description: A vulnerability has been found in the Message Handler component of Scada-LTS, related to the file /Scada-LTS/app.shtm/alarms/Scada. The manipulation leads to cross-site scripting. The attack can be launche...
PT-2023-20614 · WordPress · Buddyforms
Name of the Vulnerable Software and Affected Versions: BuddyForms WordPress plugin versions prior to 2.7.8 Description: The issue is related to an unauthenticated insecure deserialization problem. An attacker could exploit this to call files using a PHAR wrapper, which deserializes data and calls...
CVE-2021-37693
Discourse is an open-source platform for community discussion. In Discourse before versions 2.7.8 and 2.8.0.beta4, when adding additional email addresses to an existing account on a Discourse site an email token is generated as part of the email verification process. Deleting the additional email...
CVE-2021-29202
A local buffer overflow vulnerability was discovered in HPE Integrated Lights-Out 4 iLO 4; HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 iLO 5 for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H...
XSS vulnerability in phpok version 4.8.278
phpok is a set of enterprise website system developed by Shenzhen锟絪 technology limited company using PHP+MYSQL language. An XSS vulnerability exists in phpok version 4.8.278. The vulnerability stems from insufficient filtering of URL jump parameters, which can be exploited by attackers to obtain...
security flaw
The publisher handler for modpython 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL...