2 matches found
CVE-2026-10735 ShapedPlugin Multiple Pro Plugins - Backdoor via Compromised Vendor Update Server
Multiple Shapedsmart-post-show-pro WordPress plugin before 4.0.2, Real Testimonials Pro WordPress plugin before 3.2.5, Product Slider for WooCommerce Pro WordPress plugin before 3.5.3 Pro smart-post-show-pro WordPress plugin before 4.0.2, Real Testimonials Pro WordPress plugin before 3.2.5, Produ...
Yayoi Kaikei improper handling of credential information
Overview Yayoi Kaikei Quick Navigator sends user credentials unencrypted. Yayoi Kaikei Quick Navigator makes the user log into the vendor's server, and sends the user credentials unencrypted. Impact By monitoring the communication between Quick Navigator and the vendor's server, an attacker can...