PT-2026-1561

Name of the Vulnerable Software and Affected Versions Relevanssi WordPress plugin versions prior to 4.26.0 Relevanssi Premium WordPress plugin versions prior to 2.29.0 Description The Relevanssi and Relevanssi Premium WordPress plugins do not properly sanitize and escape a parameter before its us...

WordPress Image Source Control Lite Plugin <= 2.29.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Parasimpaticki Patchstack Alliance in WordPress Plugin Image Source Control versions = 2.29.0...

CVE-2023-50780

Apache ActiveMQ Artemis allows access to diagnostic information and controls through MBeans, which are also exposed through the authenticated Jolokia endpoint. Before version 2.29.0, this also included the Log4J2 MBean. This MBean is not meant for exposure to non-administrative users. This could...

CVE-2023-50780 Apache ActiveMQ Artemis: Authenticated users could perform RCE via Jolokia MBeans

Apache ActiveMQ Artemis allows access to diagnostic information and controls through MBeans, which are also exposed through the authenticated Jolokia endpoint. Before version 2.29.0, this also included the Log4J2 MBean. This MBean is not meant for exposure to non-administrative users. This could...

Open Whisper Signal Denial of Service Vulnerability

Signal is an encrypted instant messaging and voice calling software that supports iOS, Android, Debian-based distributions, macOS and Windows platforms. A denial of service vulnerability exists in Open Whisper Signal for iOS version 2.29.0 and earlier. The vulnerability stems from a failure of...