294 matches found

CNNVD
added 2025/07/09 12:0 a.m. | views: 1

aidigu security vulnerability

aidigu Aidigu is an open source microblogging project by the individual developer SR.Lee lty628. A security vulnerability exists in aidigu 1.8.2 and earlier versions, which stems from a misuse of the parameter rememberMe leading to deserialization...

CVSS 7.5 | AI score 7.3 | EPSS 0.00324
Exploits: 0 | References: 1
RedhatCVE
added 2025/06/29 2:26 p.m. | views: 2

CVE-2025-53306

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in lucidcrew WP Forum Server forum-server allows SQL Injection. This issue affects WP Forum Server: from n/a through <= 1.8.2...

CVSS 7.6 | AI score 5.9 | EPSS 0.00213
Exploits: 0 | References: 1
RedhatCVE
added 2025/06/29 2:26 p.m. | views: 3

CVE-2025-53305

Cross-Site Request Forgery CSRF vulnerability in lucidcrew WP Forum Server forum-server allows Stored XSS. This issue affects WP Forum Server: from n/a through <= 1.8.2...

CVSS 7.1 | AI score 5.9 | EPSS 0.0008
Exploits: 0 | References: 1
NVD
added 2025/06/27 2:15 p.m. | views: 2

CVE-2025-53306

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in lucidcrew WP Forum Server forum-server allows SQL Injection. This issue affects WP Forum Server: from n/a through <= 1.8.2...

CVSS 7.6 | EPSS 0.00213
Exploits: 0 | References: 1
Cvelist
added 2025/06/27 1:21 p.m. | views: 8

CVE-2025-53306 WordPress WP Forum Server plugin <= 1.8.2 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in lucidcrew WP Forum Server forum-server allows SQL Injection. This issue affects WP Forum Server: from n/a through <= 1.8.2...

CVSS 7.6 | EPSS 0.00213
Exploits: 0 | References: 1
CNNVD
added 2025/06/27 12:0 a.m. | views: 2

WordPress plugin WP Forum Server SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...

CVSS 7.6 | AI score 7.7 | EPSS 0.00213
Exploits: 0 | References: 2
Tenable Nessus
added 2025/06/27 12:0 a.m. | views: 11

Ruby WEBrick < 1.8.2 HTTP Request Smuggling

The version of the WEBrick Ruby library installed on the remote host is prior to 1.8.2. It is, therefore, affected by an HTTP request smuggling vulnerability in the readheader. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick...

CVSS 6.5 | AI score 6.8 | EPSS 0.00257
Exploits: 0 | References: 3
Snyk
added 2025/06/25 5:42 p.m. | views: 0

HTTP Request Smuggling

Overview: webrick is an HTTP server toolkit that can be configured as an HTTPS server, a proxy server, and a virtual-host server. Affected versions of this package are vulnerable to HTTP Request Smuggling via the readheaders method. An attacker can exploit inconsistent parsing of HTTP header...

CVSS 8.3 | AI score 7.1 | EPSS 0.00257
Exploits: 0 | References: 2
RedhatCVE
added 2025/05/23 9:4 a.m. | views: 0

CVE-2024-28188

Jupyter Scheduler is a collection of extensions for programming jobs to run now or run on a schedule. The list of conda environments of jupyter-scheduler users may be exposed, potentially revealing information about projects that a specific user may be working on. This vulnerability has been...

CVSS 5.3 | AI score 6.6 | EPSS 0.0018
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/23 8:14 a.m. | views: 1

CVE-2024-9647

The Kama SpamBlock plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $_POST values in all versions up to, and including, 1.8.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...

CVSS 6.1 | AI score 5.6 | EPSS 0.01829
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/23 7:12 a.m. | views: 3

CVE-2024-35757

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in 5 Star Plugins Easy Age Verify allows Stored XSS. This issue affects Easy Age Verify: from n/a through 1.8.2...

CVSS 5.9 | AI score 6.8 | EPSS 0.00158
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/23 5:28 a.m. | views: 3

CVE-2023-25197

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Apache Software Foundation apache fineract. Authorized users may be able to exploit this for limited impact on components. This issue affects apache fineract: from 1.4 through 1.8.2...

CVSS 6.3 | AI score 7.5 | EPSS 0.00635
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/22 7:15 a.m. | views: 3

CVE-2017-14714

In EPESI 1.8.2 rev20170830, there is Stored XSS in the Phonecalls Subject parameter...

CVSS 5.4 | AI score 5.9 | EPSS 0.00206
Exploits: 2 | References: 1
NVD
added 2025/04/04 4:15 p.m. | views: 9

CVE-2025-32204

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in rocketelements Split Test For Elementor split-test-for-elementor allows SQL Injection. This issue affects Split Test For Elementor: from n/a through <= 1.8.3...

CVSS 7.6 | EPSS 0.005
Exploits: 0 | References: 1
Cvelist
added 2025/04/04 3:59 p.m. | views: 11

CVE-2025-32204 WordPress Split Test For Elementor Plugin <= 1.8.3 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in rocketelements Split Test For Elementor split-test-for-elementor allows SQL Injection. This issue affects Split Test For Elementor: from n/a through <= 1.8.3...

CVSS 7.6 | EPSS 0.005
Exploits: 0 | References: 1
Vulnrichment
added 2025/04/04 3:59 p.m. | views: 7

CVE-2025-32204 WordPress Split Test For Elementor Plugin <= 1.8.3 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in rocketelements Split Test For Elementor split-test-for-elementor allows SQL Injection. This issue affects Split Test For Elementor: from n/a through <= 1.8.3...

CVSS 7.6 | AI score 7.3 | EPSS 0.005
Exploits: 0 | References: 1
CNNVD
added 2025/04/04 12:0 a.m. | views: 3

WordPress plugin Split Test For Elementor SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A SQL injection vulnerability exist...

CVSS 7.6 | AI score 8.3 | EPSS 0.005
Exploits: 0 | References: 1
CVE
added 2025/03/27 2:24 p.m. | views: 43

CVE-2025-22667

CVE-2025-22667 pertains to the WordPress plugin “Export Order, Product, Customer & Coupon for WooCommerce to Google Sheets.” The vulnerability is listed as Missing Authorization, affecting versions from n/a up to and including 1.8.2. Multiple connected sources confirm this issue and note a remedi...

CVSS 4.3 | AI score 7.2 | EPSS 0.00123
Exploits: 0 | References: 1
RedhatCVE
added 2025/03/26 2:27 p.m. | views: 4

CVE-2025-30604

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in jiangqie JiangQie Official Website Mini Program jiangqie-official-website-mini-program allows Blind SQL Injection. This issue affects JiangQie Official Website Mini Program: from n/a through <= 1.8.2...

CVSS 7.6 | AI score 7.3 | EPSS 0.00054
Exploits: 0 | References: 1
NVD
added 2025/03/24 2:15 p.m. | views: 7

CVE-2025-30604

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in jiangqie JiangQie Official Website Mini Program jiangqie-official-website-mini-program allows Blind SQL Injection. This issue affects JiangQie Official Website Mini Program: from n/a through <= 1.8.2...

CVSS 7.6 | EPSS 0.00054
Exploits: 0 | References: 1