3 matches found
CVE-2025-3649 LightPress Lightbox < 2.3.4 - Contributor+ Stored XSS
The LightPress Lightbox WordPress plugin before 2.3.4 does not check that download links point to valid, non-JavaScript URLs, allowing users with at least the contributor role to conduct Stored XSS attacks...
BIT-PHP-MIN-2024-5458 Filter bypass in filter_var (FILTER_VALIDATE_URL)
In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, due to a code logic error, filtering functions such as filter_var when validating URLs (FILTER_VALIDATE_URL) for certain types of URLs the function will result in invalid user information (username + password part of URLs) being...
openSUSE Security Update : Chromium (openSUSE-2015-595)
Chromium was updated to 45.0.2454.85 of the stable channel to fix multiple security issues. The following vulnerabilities were fixed: - CVE-2015-1291: Cross-origin bypass in DOM - CVE-2015-1292: Cross-origin bypass in ServiceWorker - CVE-2015-1293: Cross-origin bypass in DOM - CVE-2015-1294:...