WordPress plugin Scape 路径遍历漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

EUVD-2025-208306

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in don-themes Molla molla allows PHP Local File Inclusion.This issue affects Molla: from n/a through = 1.5.16...

PT-2026-23145

Name of the Vulnerable Software and Affected Versions don-themes Molla versions through 1.5.16 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion of local fil...

WordPress Molla theme <= 1.5.16 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Molla versions = 1.5.16...

EUVD-2021-11845

Malware in sbrugna...

EUVD-2024-53067

Malicious code in bioql PyPI...

EUVD-2025-24697

Malicious code in bioql PyPI...

CVE-2025-54697

Incorrect Privilege Assignment vulnerability in StellarWP Kadence WooCommerce Email Designer kadence-woocommerce-email-designer allows Privilege Escalation.This issue affects Kadence WooCommerce Email Designer: from n/a through = 1.5.16...

CVE-2025-54697

CVE-2025-54697 concerns Kadence WooCommerce Email Designer for WordPress (Kadence plugin). Connected sources confirm an Incorrect Privilege Assignment vulnerability that could enable privilege escalation in versions up to and including 1.5.16. No exploit details are provided in the documents. The...

CVE-2025-54697 WordPress Kadence WooCommerce Email Designer Plugin <= 1.5.16 - Privilege Escalation Vulnerability

Incorrect Privilege Assignment vulnerability in StellarWP Kadence WooCommerce Email Designer kadence-woocommerce-email-designer allows Privilege Escalation.This issue affects Kadence WooCommerce Email Designer: from n/a through = 1.5.16...

PT-2025-33249 · Kadence Wp · Kadence Woocommerce Email Designer

Name of the Vulnerable Software and Affected Versions: Kadence WooCommerce Email Designer versions n/a through 1.5.16 Description: An incorrect privilege assignment issue exists in Kadence WooCommerce Email Designer, potentially allowing privilege escalation. Recommendations: Update Kadence...

CVE-2024-56270

Missing Authorization vulnerability in SecureSubmit WP SecureSubmit securesubmit allows Retrieve Embedded Sensitive Data.This issue affects WP SecureSubmit: from n/a through = 1.5.20...

CVE-2024-51587

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in softfirm Definitive Addons for Elementor definitive-addons-for-elementor allows Stored XSS.This issue affects Definitive Addons for Elementor: from n/a through = 1.5.16...

CVE-2024-56270

Missing Authorization vulnerability in SecureSubmit WP SecureSubmit securesubmit allows Retrieve Embedded Sensitive Data.This issue affects WP SecureSubmit: from n/a through = 1.5.20...

WordPress plugin WP SecureSubmit 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

PT-2025-3234 · WordPress · Wp Securesubmit

Name of the Vulnerable Software and Affected Versions: WP SecureSubmit versions 1.5.16 and earlier Description: The issue is related to a missing authorization vulnerability in SecureSubmit WP, which allows the exploitation of incorrectly configured access control security levels. Recommendations...

WordPress plugin Definitive Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVE-2024-2436

The Lightweight Accordion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.5.16 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

textAngular 跨站脚本漏洞

textAngular is a very powerful text editor for textAngular individual developers. A security vulnerability exists in textAngular 1.5.16 and earlier versions, which stems from the presence of a cross-site scripting XSS vulnerability...

DEBIAN-CVE-2022-23471

containerd is an open source container runtime. A bug was found in containerd's CRI implementation where a user can exhaust memory on the host. In the CRI stream server, a goroutine is launched to handle terminal resize events if a TTY is requested. If the user's process fails to launch due to, f...