CVE-2026-39661

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Magentech SW Core allows PHP Local File Inclusion. This issue affects SW Core: from n/a through 1.7.18...

CVE-2026-39661 WordPress SW Core plugin <= 1.7.18 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Magentech SW Core allows PHP Local File Inclusion. This issue affects SW Core: from n/a through 1.7.18...

EUVD-2026-31802

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Magentech SW Core allows PHP Local File Inclusion. This issue affects SW Core: from n/a through 1.7.18...

CVE-2026-39661

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Magentech SW Core allows PHP Local File Inclusion. This issue affects SW Core: from n/a through 1.7.18...

WordPress SW Core plugin <= 1.7.18 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin SW Core versions = 1.7.18...

PT-2026-43206

Name of the Vulnerable Software and Affected Versions Magentech SW Core versions prior to 1.7.18 Description Improper Control of Filename for Include/Require Statement in PHP Program PHP Remote File Inclusion allows for PHP Local File Inclusion. This occurs when the application fails to properly...

CVE-2026-25420

Missing Authorization vulnerability in MailerLite MailerLite official-mailerlite-sign-up-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MailerLite: from n/a through = 1.7.18...

CVE-2026-25420

Missing Authorization vulnerability in MailerLite MailerLite official-mailerlite-sign-up-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MailerLite: from n/a through = 1.7.18...

CVE-2026-25420

The CVE-cited issue affects the WordPress MailerLite plugin, versions up to and including 1.7.18. The root cause is Missing/Incorrect Authorization due to broken access control in the official-mailerlite-sign-up-forms flow. Public mappings across Red Hat, NVD, CVE listing, and vulnerability datab...

PT-2026-20742

Missing Authorization vulnerability in MailerLite MailerLite official-mailerlite-sign-up-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MailerLite: from n/a through = 1.7.18...

WordPress MailerLite plugin <= 1.7.18 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by daroo in WordPress Plugin MailerLite versions = 1.7.18...

CVE-2024-34371

Missing Authorization vulnerability in Hamid Alinia Login with phone number login-with-phone-number.This issue affects Login with phone number: from n/a through = 1.7.18...

EUVD-2024-34743

Malicious code in bioql PyPI...

UBUNTU-CVE-2025-57052

cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decodearrayindexfrompointer function in cJSONUtils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters...

CVE-2023-53154

parsestring in cJSON before 1.7.18 has a heap-based buffer over-read via "1":1, with no trailing newline if cJSONParseWithLength is called...

CVE-2023-53154

parsestring in cJSON before 1.7.18 has a heap-based buffer over-read via "1":1, with no trailing newline if cJSONParseWithLength is called...

WordPress plugin Login with phone number 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plug-in. A security vulnerability exists in WordPress...

PT-2024-25830 · Hamid Alinia · Idehweb Login With Phone Number

Name of the Vulnerable Software and Affected Versions: Hamid Alinia – idehweb Login with phone number versions 1.7.18 and earlier Description: The issue is related to a Missing Authorization vulnerability in the Login with phone number feature. This vulnerability allows unauthorized access,...

CVE-2024-25905

Cross-Site Request Forgery CSRF vulnerability in Mondula GmbH Multi Step Form.This issue affects Multi Step Form: from n/a through 1.7.18...

Microsoft Azure Kubernetes 安全漏洞

Microsoft Azure Kubernetes is a fully managed Kubernetes service from Microsoft Corporation USA. Offers serverless Kubernetes, a consolidated Continuous Integration and Continuous Delivery CI/CD experience, along with enterprise-grade security and governance. Unify development and operations team...