745 matches found
EUVD-2025-210224
Subscriber Arbitrary File Upload in PT Luxa Addons = 1.2.2 versions...
CVE-2025-69115
Unauthenticated Local File Inclusion in LuxMed | Medicine & Healthcare Doctor WordPress Theme = 1.2.2 versions...
CVE-2026-39554
Unauthenticated PHP Object Injection in Fidalgo = 1.2.2 versions...
CVE-2025-60218
Subscriber Arbitrary File Upload in PT Luxa Addons = 1.2.2 versions...
EUVD-2026-37688
Unauthenticated Local File Inclusion in Uppercase 1.2.2 versions...
CVE-2025-69115 WordPress LuxMed | Medicine & Healthcare Doctor WordPress Theme theme <= 1.2.2 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in LuxMed | Medicine & Healthcare Doctor WordPress Theme = 1.2.2 versions...
CVE-2026-40761
WordPress Theme Valeska <= 1.2.2 is affected by an unauthenticated PHP Object Injection vulnerability. Affected component: Valeska theme (WordPress). Root cause: PHP object injection in versions
CVE-2026-40761 WordPress Valeska theme <= 1.2.2 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in Valeska = 1.2.2 versions...
CVE-2026-39554 WordPress Fidalgo theme <= 1.2.2 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in Fidalgo = 1.2.2 versions...
PT-2026-50118
Unauthenticated PHP Object Injection in Valeska = 1.2.2 versions...
CVE-2026-40772
Unauthenticated Arbitrary File Upload in GeekyBot = 1.2.2 versions...
CVE-2026-40772 WordPress GeekyBot plugin <= 1.2.2 - Arbitrary File Upload vulnerability
Unauthenticated Arbitrary File Upload in GeekyBot = 1.2.2 versions...
CLEANSTART-2026-OS93204 Security fixes for CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, CVE-2026-44740, CVE-2026-44973, CVE-2026-45022, CVE-2026-45570, CVE-2026-45571, ghsa-389r-gv7p-r3rp, ghsa-3xc5-wrhm-f963, ghsa-m3xc-h892-ggx6, ghsa-qw64-3x98-g7q2 applied in versions: 1.2.2-r0, 1.2.2-r1
Multiple security vulnerabilities affect the apko package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2026-27351
Missing Authorization vulnerability in Sekander Badsha Crew HRM allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Crew HRM: from n/a through 1.2.2...
CVE-2026-27351
CVE-2026-27351 affects the WordPress Crew HRM plugin up to version 1.2.2. Root cause: Missing Authorization through incorrectly configured access control. Impact includes Low integrity, Low availability, and No confidentiality impact per CVSS 3.1 (base score 5.4). Attack vector is Network with Lo...
CVE-2026-27351 WordPress Crew HRM plugin <= 1.2.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in Sekander Badsha Crew HRM allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Crew HRM: from n/a through 1.2.2...
CVE-2026-27351
Missing Authorization vulnerability in Sekander Badsha Crew HRM allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Crew HRM: from n/a through 1.2.2...
WordPress Crew HRM plugin <= 1.2.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by benzdeus in WordPress Plugin Crew HRM versions = 1.2.2...
WordPress plugin Crew HRM 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
CVE-2026-45575
epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrastruktur. Prior to 1.2.2, an attacker who can MITM the TLS connection between the client and the IDP within the TI network can substitute a forged discovery document. The forged document redirects uripukidpenc and...