CVE-2026-22315

Incorrect Privilege Assignment vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component enables the export of user data, including cleartext passwords, via the SQL editor. This issue affects Meona Client Launcher Component: through 19.06.2020 15:11:49; Meona Server...

CVE-2026-22315

Incorrect Privilege Assignment vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component enables the export of user data, including cleartext passwords, via the SQL editor. This issue affects Meona Client Launcher Component: through 19.06.2020 15:11:49; Meona Server...

CVE-2025-13493 Latest Registered Users <= 1.4 - Missing Authorization to Unauthenticated Sensitive Information Exposure via User Data Export

The Latest Registered Users plugin for WordPress is vulnerable to unauthorized user data export in all versions up to, and including, 1.4. This is due to missing authorization and nonce validation in the rndhandleformsubmit function hooked to both adminpostmysimpleform and...

EUVD-2019-6170

Malware in sbrugna...

EUVD-2024-33777

Malicious code in bioql PyPI...

EUVD-2022-48088

Malicious code in bioql PyPI...

Growatt Cloud Applications 安全漏洞

Growatt Cloud Applications is a monitoring platform from Growatt, a Chinese company. A security vulnerability exists in Growatt Cloud Applications version 3.6.0 and prior versions, which stems from an attacker being able to export other users' plant information...

CVE-2024-12637

The Moving Users plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.05 via the export functionality. The JSON files are stored in predictable locations with guessable file names when exporting user data. This could allow unauthenticated...

CVE-2024-12637 Moving Users <= 1.05 - Unauthenticated Sensitive Information Exposure

The Moving Users plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.05 via the export functionality. The JSON files are stored in predictable locations with guessable file names when exporting user data. This could allow unauthenticated...

CVE-2024-12637

Public technical details about CVE-2024-12637 are not provided in the Connected documents. The Initial Description notes Sensitive Information Exposure via export in Moving Users (WordPress) up to v1.05, but no further technical specifics or patches are included here.

Popup Builder < 3.64.1 - Multiple Issues

"One vulnerability allowed an unauthenticated attacker to inject malicious JavaScript into any published popup, which would then be executed whenever the popup loaded. The other vulnerability allowed any logged-in user, even those with minimal permissions such as a subscriber, to export a list of...

SQL Injection Vulnerability in Guangzhou Lianxiang Cms

Guangzhou Lianxiang Information Technology Co., Ltd. is an e-commerce Internet enterprise that specializes in website construction, micro letter development and website development. Guangzhou Lianxiang CMS has a SQL injection vulnerability. Attackers can use the vulnerability to perform malicious...