CVE-2026-1451

The rognone plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'a' parameter in versions up to, and including, 0.6.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages...

WordPress rognone plugin <= 0.6.2 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by san6051 - COFFSec in WordPress Plugin rognone versions = 0.6.2...

WordPress rognone plugin <= 0.6.2 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by san6051 - COFFSec in WordPress Plugin rognone versions = 0.6.2...

CVE-2026-1451 rognone <= 0.6.2 - Reflected Cross-Site Scripting via 'a' Parameter

The rognone plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'a' parameter in versions up to, and including, 0.6.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages...

CVE-2026-1451

Product/Component: WordPress plugin rognone (versions up to and including 0.6.2). Vulnerability: Reflected Cross-Site Scripting via the 'a' parameter caused by insufficient input sanitization and output escaping. Impact (as stated): unauthenticated attackers can inject arbitrary web scripts into ...

CVE-2026-1450

The rognone plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'mode' parameter in versions up to, and including, 0.6.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pag...

CVE-2026-1450 rognone <= 0.6.2 - Reflected Cross-Site Scripting via 'mode' Parameter

The rognone plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'mode' parameter in versions up to, and including, 0.6.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pag...

GHSA-3CV2-H65G-FGMM astral-tokio-tar has a PAX Header Desynchronization issue

Impact Versions of astral-tokio-tar prior to 0.6.2 contain a PAX header interpretation bug that allows manipulated entries to be made selectively visible or invisible during extraction with astral-tokio-tar versus other tar implementations. An attacker could use this differential to smuggle...

Astra Linux - уязвимость в pyasn1

pyasn1 is a generic ASN.1 library for Python. Prior to version 0.6.2, a Denial-of-Service issue was identified that could lead to memory exhaustion due to malformed RELATIVE-OID values with excessive continuation octets. This vulnerability has been fixed in version 0.6.2...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-pyasn1 (UTSA-2026-014296)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014296 advisory. pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Service issue has been found that leads to memory exhaustion from malformed RELATIVE-OID wi...

EUVD-2026-20107

The Attendance Manager plugin for WordPress is vulnerable to SQL Injection via the 'attmgroff' parameter in all versions up to, and including, 0.6.2. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

CVE-2026-3781

Affected product: Attendance Manager plugin for WordPress. Vulnerability: SQL Injection via the 'attmgr_off' parameter in all versions up to and including 0.6.2, caused by insufficient escaping of user input and inadequate preparation of the SQL query. Impact (as stated): authenticated attackers ...

PT-2026-31098

The Attendance Manager plugin for WordPress is vulnerable to SQL Injection via the 'attmgr off' parameter in all versions up to, and including, 0.6.2. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

python-pyasn1 security update

0.6.2-1 - Update to 0.6.2 - Update modules to 0.4.2 Resolves: RHEL-148142...

Fedora: Security Advisory (FEDORA-2026-ddafe1357a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 42 : python-pyasn1 (2026-ddafe1357a)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-ddafe1357a advisory. Update for python-pyasn1-0.6.2-1.fc42. Changelog Thu Feb 05 2026 Simon Pichugin - 0.6.2-1 - Update to 0.6.2 - Fixed continuation octet limits in...

CVE-2025-68843

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bas Schuiling FeedWordPress Advanced Filters faf allows Reflected XSS.This issue affects FeedWordPress Advanced Filters: from n/a through = 0.6.2...

CVE-2025-68843

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bas Schuiling FeedWordPress Advanced Filters faf allows Reflected XSS.This issue affects FeedWordPress Advanced Filters: from n/a through = 0.6.2...

WordPress plugin FeedWordPress Advanced Filters 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-21105

Name of the Vulnerable Software and Affected Versions FeedWordPress Advanced Filters versions through 0.6.2 Description The software contains a flaw related to improper input handling during web page generation, which can lead to Reflected Cross-site Scripting XSS. This means that an attacker cou...