CVE-2026-32484

Deserialization of Untrusted Data vulnerability in BoldGrid weForms weforms allows Object Injection.This issue affects weForms: from n/a through = 1.6.26...

CVE-2026-32484 WordPress weForms plugin <= 1.6.26 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in BoldGrid weForms weforms allows Object Injection.This issue affects weForms: from n/a through = 1.6.26...

WordPress weForms plugin <= 1.6.26 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by daroo in WordPress Plugin weForms versions = 1.6.26...

EUVD-2025-208305

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in don-themes Riode Core riode-core allows Blind SQL Injection.This issue affects Riode Core: from n/a through = 1.6.26...

CVE-2025-69338

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in don-themes Riode Core riode-core allows Blind SQL Injection.This issue affects Riode Core: from n/a through = 1.6.26...

CVE-2025-69338 WordPress Riode Core plugin <= 1.6.26 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in don-themes Riode Core riode-core allows Blind SQL Injection.This issue affects Riode Core: from n/a through = 1.6.26...

CVE-2025-69338

Summary: CVE-2025-69338 affects the WordPress plugin don-themes Riode Core (riode-core). The issue is an SQL Injection vulnerability in riode-core that allows blind SQL injection due to improper neutralization of special elements in SQL commands. Affected versions are Riode Core: up to and includ...

WordPress Riode Core plugin <= 1.6.26 - SQL Injection vulnerability

SQL Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Riode Core versions = 1.6.26...

libpng 输入验证错误漏洞

libpng is The PNG Development Group open source a PNG graphics file can be realized on the creation of PNG, read and write operations such as PNG reference library . An input validation error vulnerability exists in libpng versions 1.6.26 through 1.6.53, which stems from an integer truncation in...

CVE-2024-2619

The Elementor Header & Footer Builder for WordPress is vulnerable to HTML Injection in all versions up to, and including, 1.6.26 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level permissions and above, to inject...

EUVD-2024-27568

Malicious code in bioql PyPI...

PT-2025-14092 · WordPress · Wp Realestate

Name of the Vulnerable Software and Affected Versions: WP RealEstate plugin versions up to, and including, 1.6.26 Description: The issue is related to insufficient role restrictions in the process register function, allowing unauthenticated attackers to register an account with the Administrator...

WordPress plugin WP RealEstate 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

CVE-2024-28180 affecting package moby-containerd for versions less than 1.6.26-9

CVE-2024-28180 affecting package moby-containerd for versions less than 1.6.26-9. A patched version of the package is available...

WordPress Elementor Header & Footer Builder plugin <= 1.6.26 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by wesley wcraft in WordPress Plugin Ultimate Addons for Elementor - Lite versions = 1.6.26...

PT-2024-21305 · WordPress · Elementor Header & Footer Builder

Name of the Vulnerable Software and Affected Versions: Elementor Header & Footer Builder plugin for WordPress versions up to, and including, 1.6.26 Description: The issue is related to Stored Cross-Site Scripting via the size attribute due to insufficient input sanitization and output escaping...

CVE-2014-7824

D-Bus 1.3.0 through 1.6.x before 1.6.26, 1.8.x before 1.8.10, and 1.9.x before 1.9.2 allows local users to cause a denial of service prevention of new connections and connection drop by queuing the maximum number of file descriptors. NOTE: this vulnerability exists because of an incomplete fix fo...