24 matches found
CVE-2026-24357
Missing Authorization vulnerability in Brecht WP Recipe Maker wp-recipe-maker allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Recipe Maker: from n/a through <= 10.2.4...
CVE-2026-24357
CVE-2026-24357 concerns the WordPress plugin WP Recipe Maker (wp-recipe-maker). The vulnerability is described as Missing Authorization caused by incorrectly configured access control, affecting the plugin for WP Recipe Maker versions from unspecified up to 10.2.4. Connected sources (Wordfence, P...
CVE-2026-24357 WordPress WP Recipe Maker plugin <= 10.2.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in Brecht WP Recipe Maker wp-recipe-maker allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Recipe Maker: from n/a through <= 10.2.4...
CVE-2025-13417
The Plugin Organizer WordPress plugin before 10.2.4 does not sanitize and escape a parameter before using it in a SQL statement, allowing subscribers to perform SQL injection attacks...
EUVD-2021-0909
Malware in sbrugna...
EUVD-2025-24921
Malicious code in bioql PyPI...
CVE-2025-55708 WordPress Quiz And Survey Master Plugin <= 10.2.4 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master-next allows SQL Injection. This issue affects Quiz And Survey Master: from n/a through <= 10.2.4...
WordPress Quiz And Survey Master Plugin <= 10.2.4 - SQL Injection Vulnerability
SQL Injection Vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Quiz And Survey Master versions <= 10.2.4...
PT-2025-33396 · Expresstech Systems · Quiz/Survey Master
Name of the Vulnerable Software and Affected Versions: ExpressTech Systems Quiz And Survey Master versions through 10.2.4 Description: The software contains a SQL Injection issue due to improper neutralization of special elements used in an SQL command. This allows for potential unauthorized...
Palo Alto Networks PAN-OS 10.1.x < 10.1.9 / 10.2.x < 10.2.4 Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is 10.1.x prior to 10.1.9 or 10.2.x prior to 10.2.4. It is, therefore, affected by a vulnerability. An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator...
WordPress PowerPress Podcasting Plugin <= 10.2.3 is vulnerable to Cross Site Scripting (XSS)
Software: PowerPress Podcasting; Type: Plugin; Vulnerable versions: <= 10.2.3; Fixed in: 10.2.4; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: N/A; Patch priority: Low; CVSS severity: Low (5.9); Developer: Claim ownership; PSID: 51009255116e; Credits: N/A; Required privilege...
Modern Campus Omni CMS SQL injection vulnerability
Modern Campus Omni CMS is a web content management system from Modern Campus, Inc. It is used by colleges and universities to manage their websites. A security vulnerability exists in Modern Campus Omni CMS version 10.2.4, which originates from its landing page that allows an attacker to perform...
PT-2022-25526 · Modern Campus · Modern Campus - Omni Cms
Name of the Vulnerable Software and Affected Versions: Modern Campus Omni CMS formerly OU Campus version 10.2.4 Description: The issue allows for SQL injection via a specific substring on the login page. This can be achieved by using a substring such as ' OR 1 = 1 -- - , ?php'. Recommendations: F...
CVE-2021-23339
This affects all versions before 10.1.14 and from 10.2.0 to 10.2.4 of package com.typesafe.akka:akka-http-core. It allows multiple Transfer-Encoding headers...
HTTP Request Smuggling
Overview: com.typesafe.akka:akka-http-core2.13 is a modern, fast, asynchronous, streaming-first HTTP server and client. Affected versions of this package are vulnerable to HTTP Request Smuggling. It allows multiple Transfer-Encoding headers. Remediation: Upgrade com.typesafe.akka:akka-http-core2.13...
Xiaomi Redmi Note 5 Pro Xiaomi Stock Browser Information Disclosure Vulnerability
Xiaomi Redmi Note 5 Pro is a smartphone from the Chinese company Xiaomi Technology (Xiaomi). Xiaomi Stock Browser is one of the stock browsers. An information disclosure vulnerability exists in version 10.2.4.g of the Xiaomi Stock Browser in the Xiaomi Redmi Note 5 Pro. The vulnerability stems from an...
Security Bulletin: GNU C library (glibc) vulnerability affects IBM XIV Storage System Gen2 (CVE-2015-0235)
Summary: GNU C library (glibc) vulnerability that has been referred to as GHOST affects IBM XIV Storage System Gen2. Vulnerability Details: CVEID: CVE-2015-0235 DESCRIPTION: The gethostbyname functions of the GNU C Library (glibc) are vulnerable to a buffer overflow. By sending a specially crafted, but...
Gitlab labels component cross-site scripting vulnerability
GitLab is a set of open source applications developed using Ruby on Rails to implement a self-hosted Git version control system project repository, which has features similar to GitHub: you can access the project's file content, commit history, bug lists, etc. GitLab Community Edition (CE) is...
Gitlab cross-site scripting vulnerability (CNVD-2018-06861)
GitLab is a set of open source applications developed with Ruby on Rails that can serve as a self-hosted Git version control system project repository, which has features similar to GitHub: you can check the project's file content, commit history, bug lists, etc. GitLab Community Edition ...
CVE-2017-0917
Gitlab Community Edition version 10.2.4 is vulnerable to lack of input validation in the CI job component resulting in persistent cross site scripting...