WordPress Firelight Lightbox plugin < 2.3.16 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Pierre Rudloff in WordPress Plugin Firelight Lightbox versions 2.3.16...

WordPress plugin Firelight Lightbox 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

CVE-2025-52707

CVE-2025-52707 : Firelight Lightbox (WordPress plugin) is affected by a Stored Cross-Site Scripting (XSS) vulnerability in versions up to 2.3.16 due to improper input neutralization during web page generation. The CVSSv3.1 base score is 6.5 (Medium): impact to confidentiality, integrity, and avai...

CVE-2023-0404

The Events Made Easy plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several functions related to AJAX actions in versions up to, and including, 2.3.16. This makes it possible for authenticated attackers, with subscriber-level permissions and above,...

OPENSUSE-SU-2024:10726-1 dovecot23-2.3.16-1.6 on GA media

These are all security issues fixed in the dovecot23-2.3.16-1.6 package on the GA media of openSUSE Tumbleweed...

CVE-2023-0404

The Events Made Easy plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several functions related to AJAX actions in versions up to, and including, 2.3.16. This makes it possible for authenticated attackers, with subscriber-level permissions and above,...

WordPress plugin Events Made Easy 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

dovecot security update

1:2.3.16-2 - do not disable xz/lzma for now despite being deprecated 1:2.3.16-1 - dovecot updated to 2.3.16, pigeonhole to 0.5.16 - fix CVE-2021-33515 plaintext commands injection 1980014...

Security fix for the ALT Linux 9 package dovecot version 2.3.16-alt1

2.3.16-alt1 built Aug. 19, 2021 Andrey Cherepanov in task 282506 Aug. 12, 2021 Andrey Cherepanov - Updated to 2.3.16 fixes CVE-2021-33515, CVE-2021-29157, CVE-2021-33515, CVE-2021-29157. - Package watch file...

cyrus-imapd security update

2.3.16-6.2 - do not use strict aliasing 2.3.16-6.1 - fix CVE-2011-1926: STARTTLS plaintext command injection vulnerability...

Debian Security Advisory DSA 059-1 (man-db)

The remote host is missing an update to man-db announced via advisory DSA 059-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...