WordPress Name Directory plugin <= 1.32.1 - Unauthenticated Stored Cross-Site Scripting via 'name_directory_name' vulnerability

Unauthenticated Stored Cross-Site Scripting via 'namedirectoryname' vulnerability discovered by Youssef Elouaer in WordPress Plugin Name Directory versions = 1.32.1...

PT-2026-24666

🚨 CVE-2026-3178 The Name Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'name directory name' parameter in all versions up to, and including, 1.32.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attacker...

WordPress FiboSearch plugin <= 1.32.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by PPzzAArr in WordPress Plugin FiboSearch versions = 1.32.1...

PT-2025-52549

Name of the Vulnerable Software and Affected Versions FiboSearch – Ajax Search for WooCommerce plugin for WordPress versions prior to 1.32.1 Description The FiboSearch – Ajax Search for WooCommerce plugin for WordPress is susceptible to Stored Cross-Site Scripting. The issue stems from inadequate...

Linux Distros Unpatched Vulnerability : CVE-2019-12470

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wikimedia MediaWiki through 1.32.1 has Incorrect Access Control. Suppressed log in RevisionDelete page is exposed. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6...

Jenkins GitHub Pull Request Builder Plugin

GitHub Pull Request Builder Plugin stored the webhook secret shared between Jenkins and GitHub in plain text. This allowed users with Jenkins controller local file system access and Jenkins administrators to retrieve the stored password. The latter could result in exposure of the passwords throug...

BusyBox 安全漏洞

BusyBox is a suite of applications containing several linux commands and tools by Denis Vlasenko, a Ukrainian individual developer. A security vulnerability exists in BusyBox through 1.32.1, which stems from incorrectly handling the wrong bit on the huft build result pointer, leading to invalid...

CVE-2019-12469

MediaWiki through 1.32.1 has Incorrect Access Control. Suppressed username or log in Special:EditTags are exposed. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6...

Design/Logic Flaw

MediaWiki through 1.32.1 has Incorrect Access Control. Suppressed username or log in Special:EditTags are exposed. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6...

CVE-2019-12467

MediaWiki through 1.32.1 has Incorrect Access Control issue 1 of 3. A spammer can use Special:ChangeEmail to send out spam with no rate limiting or ability to block them. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6...

MediaWiki Access Control Error Vulnerability (CNVD-2019-36868)

MediaWiki is a set of free and freely available web-based Wiki engines from the MediaWiki Wikimedia Foundation in the United States. It can be used to deploy in-house knowledge management and content management systems. A security vulnerability exists in MediaWiki 1.32.1 and earlier versions. No...

MediaWiki Access Control Error Vulnerability (CNVD-2019-36871)

MediaWiki is a set of free and freely available web-based Wiki engines from the MediaWiki Wikimedia Foundation in the United States. It can be used to deploy in-house knowledge management and content management systems. A security vulnerability exists in MediaWiki 1.32.1 and earlier versions. No...

MediaWiki Access Control Error Vulnerability (CNVD-2019-36869)

MediaWiki is a set of free and freely available web-based Wiki engines from the MediaWiki Wikimedia Foundation in the United States. It can be used to deploy in-house knowledge management and content management systems. A security vulnerability exists in MediaWiki 1.32.1 and earlier versions. No...