WordPress AI Product Search for WooCommerce – Motive Commerce Search plugin <= 1.38.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Benedictus Jovan aillesim/eneri in WordPress Plugin AI Product Search for WooCommerce Motive Commerce Search versions = 1.38.2...

CVE-2025-0470

The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the title parameter in all versions up to, and including, 1.38.2 due to insufficient input sanitization and output escaping. This makes it possible for...

MediaWiki < 1.38.2 Unlimited Lexeme Length Denial Of Service

According to its self-reported version number, the instance of MediaWiki hosted on the remote web server is prior to 1.38.2. It is, therefore, affected by a vulnerability which permits remote attackers to specify oversize lexemes to be created, introducing various denial-of-service attacks within...

Fedora 29 : php-twig (2019-c8712a42dc)

Version 1.38.2 2019-03-12 - added TemplateWrapper::getTemplateName ---- Version 1.38.1 2019-03-12 - fixed class aliases ---- Version 1.38.0 2019-03-12 - fixed sandbox security issue under some circumstances, calling the toString method on an object was possible even if not allowed by the security...