24 matches found
PT-2026-20335
Name of the Vulnerable Software and Affected Versions: Beetel 777VR1 versions up to 01.00.09 Description: A security issue exists in Beetel 777VR1 up to version 01.00.09, related to the Telnet Service/SSH Service component. The issue involves insecure default initialization of a resource and can be...
PT-2025-44626
Name of the Vulnerable Software and Affected Versions: Afterlogic Aurora webmail versions 9.8.3 and below Description: A cross-site scripting (XSS) issue exists in Afterlogic Aurora webmail. An attacker can send a specially crafted HTML email message containing JavaScript within an img HTML tag. This...
PT-2025-44253
Name of the Vulnerable Software and Affected Versions: ThemeSphere SmartMag versions through 10.3.0 Description: The software contains a flaw related to improper control of filename handling for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion...
PT-2025-43702
Name of the Vulnerable Software and Affected Versions: Genesis Framework theme for WordPress versions up to and including 3.6.0 Description: The Open Source Genesis Framework theme for WordPress is susceptible to Stored Cross-Site Scripting through its shortcodes. Insufficient input sanitization an...
PT-2025-43731
Name of the Vulnerable Software and Affected Versions: BLU-IC2 versions through 1.19.5; BLU-IC4 versions through 1.19.5 Description: A malicious or malformed application can be installed but not uninstalled, potentially leading to unavailability of the system. This issue creates a permanent...
PT-2025-33656 · Ibm · Ibm Concert
Name of the Vulnerable Software and Affected Versions: IBM Concert Software versions 1.0.0 through 1.1.0 Description: The software contains hard-coded credentials, such as a password or cryptographic key, used for inbound authentication, outbound communication to external components, or encryptio...
PT-2025-33458 · WordPress · Elink – Embed Content
Name of the Vulnerable Software and Affected Versions: elink – Embed Content plugin for WordPress versions up to and including 1.1.0 Description: The elink – Embed Content plugin for WordPress is susceptible to malicious redirection due to insufficient restriction of URLs supplied through the eli...
PT-2025-33376 · Woocommerce · Primer Mydata For Woocommerce
Name of the Vulnerable Software and Affected Versions: Primer MyData for Woocommerce versions through 4.2.5 Description: The software contains a Reflected Cross-Site Scripting (XSS) issue due to improper neutralization of input during web page generation. Recommendations: Update Primer MyData for...
PT-2024-34999 · Unknown · Gutenium Blocks
Name of the Vulnerable Software and Affected Versions: Gutenium Blocks versions 1.1.5 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This means that an attacker can inject...
PT-2024-30382 · Woocommerce · Persian Woocommerce Sms
Name of the Vulnerable Software and Affected Versions: Persian WooCommerce versions 7.1.6 and earlier Description: The issue affects Persian WooCommerce due to a Missing Authorization vulnerability. This vulnerability allows accessing functionality not properly constrained by ACLs. Recommendation...
PT-2024-34244 · Unknown · Raptor Editor
Name of the Vulnerable Software and Affected Versions: Raptor Editor versions 1.0.20 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). It specifically affects the Raptor Editor, allowing for...
PT-2024-5962 · Adobe · Experience Manager
Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.20 and earlier Description: The issue is related to a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious...
PT-2024-23468 · Unknown · Awesome Support
Name of the Vulnerable Software and Affected Versions: Awesome Support versions 6.1.7 and earlier Description: The issue is related to a Missing Authorization vulnerability in Awesome Support Team Awesome Support. Recommendations: For versions 6.1.7 and earlier, update to a version later than 6.1...
PT-2024-26353 · Unknown · Academy Lms
Name of the Vulnerable Software and Affected Versions: Academy LMS versions 1.9.25 and earlier Description: The issue is related to the exposure of sensitive information to an unauthorized actor. Recommendations: For versions 1.9.25 and earlier, update to a version later than 1.9.25 to resolve th...
PT-2024-23783 · Unknown · Easy Digital Downloads
Name of the Vulnerable Software and Affected Versions: Easy Digital Downloads versions 3.2.11 and earlier Description: A Cross-Site Request Forgery (CSRF) issue has been identified. This allows an attacker to trick a user into performing unintended actions on a web application. Recommendations: For...
PT-2024-23435 · Thimpress · Thimpress Wp Hotel Booking
Name of the Vulnerable Software and Affected Versions: ThimPress WP Hotel Booking versions 2.0.9.2 and earlier Description: A Missing Authorization issue affects ThimPress WP Hotel Booking, allowing unauthorized access. Recommendations: For ThimPress WP Hotel Booking versions 2.0.9.2 and earlier,...
PT-2024-22748 · Unknown · Aam Advanced Access Manager
Name of the Vulnerable Software and Affected Versions: AAM Advanced Access Manager versions through 6.9.20 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. Recommendations: For versions...
PT-2023-31367 · WordPress · Wp Photo Album Plus
Name of the Vulnerable Software and Affected Versions: WP Photo Album Plus versions through 8.5.02.005 Description: The issue is related to an Authorization Bypass Through User-Controlled Key. This allows for unauthorized access. Recommendations: For WP Photo Album Plus versions through 8.5.02.00...
PT-2023-26396 · Unknown · Email Sender
Name of the Vulnerable Software and Affected Versions: Elastic Email Sender plugin versions 1.2.6 and earlier Description: The issue is related to an Authenticated Stored Cross-Site Scripting (XSS) vulnerability. This means that an attacker with admin+ privileges can inject malicious scripts into t...
PT-2023-10640 · Flexera · Flexnet Manager Suite +1
Name of the Vulnerable Software and Affected Versions: FlexNet Manager Suite versions 2015 R2 SP3 and earlier; FlexNet Manager Platform versions 9.2 and earlier Description: An issue exists in the inventory gathering components that can be exploited by local users to perform certain actions with...