10 matches found
CVE-2025-63043 WordPress Post Grid and Gutenberg Blocks plugin <= 2.3.23 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in PickPlugins Post Grid and Gutenberg Blocks post-grid allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Post Grid and Gutenberg Blocks: from n/a through = 2.3.23...
CVE-2025-63043 WordPress Post Grid and Gutenberg Blocks plugin <= 2.3.19 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in PickPlugins Post Grid and Gutenberg Blocks allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Post Grid and Gutenberg Blocks: from n/a through 2.3.19...
WordPress plugin Post Grid and Gutenberg Blocks security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security vulnerabili...
PT-2025-52274
Authorization Bypass Through User-Controlled Key vulnerability in PickPlugins Post Grid and Gutenberg Blocks allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Post Grid and Gutenberg Blocks: from n/a through 2.3.19...
Malicious code in gbiz-next (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 553cbc6a459ec9d1b6f955fcef3ae6eb80c745689510710611df3d9d6527c2fd The package gbiz-next was found to contain malicious code. Source: ghsa-malware c8391a7e1c2a64a130ced055b9f21e596e7bde4ba799add2094c42c4bf63613b Any...
Linux Distros Unpatched Vulnerability : CVE-2015-8078
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in the indexurlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote attackers to have unspecified impact via...
GO-2025-3844 RatPanel can perform remote command execution without authorization in github.com/tnborg/panel in github.com/TheTNB/panel
RatPanel can perform remote command execution without authorization in github.com/tnborg/panel in github.com/TheTNB/panel. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positiv...
CVE-2022-29169
BigBlueButton is an open source web conferencing system. Versions starting with 2.2 and prior to 2.3.19, 2.4.7, and 2.5.0-beta.2 are vulnerable to regular expression denial of service (ReDoS) attacks. By using a specific RegularExpression, an attacker can cause denial of service for the bbb-html5...
CVE-2022-29169 ReDoS on endpoint html5client/useragent in BigBlueButton
BigBlueButton is an open source web conferencing system. Versions starting with 2.2 and prior to 2.3.19, 2.4.7, and 2.5.0-beta.2 are vulnerable to regular expression denial of service (ReDoS) attacks. By using a specific RegularExpression, an attacker can cause denial of service for the bbb-html5...
WordPress plugin cross-site scripting vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin MotoPress, which stems from the fact that...