CVE-2026-32430

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in IdeaBox Creations PowerPack Addons for Elementor powerpack-lite-for-elementor allows Stored XSS.This issue affects PowerPack Addons for Elementor: from n/a through = 2.9.9...

EUVD-2026-11964

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in IdeaBox Creations PowerPack Addons for Elementor powerpack-lite-for-elementor allows Stored XSS.This issue affects PowerPack Addons for Elementor: from n/a through = 2.9.9...

CVE-2026-32430 WordPress PowerPack Addons for Elementor plugin <= 2.9.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in IdeaBox Creations PowerPack Addons for Elementor powerpack-lite-for-elementor allows Stored XSS.This issue affects PowerPack Addons for Elementor: from n/a through = 2.9.9...

CVE-2026-32430

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in IdeaBox Creations PowerPack Addons for Elementor powerpack-lite-for-elementor allows Stored XSS.This issue affects PowerPack Addons for Elementor: from n/a through = 2.9.9...

CVE-2025-63039 WordPress ListingPro theme <= 2.9.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in CridioStudio ListingPro listingpro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ListingPro: from n/a through = 2.9.9...

CVE-2025-63039

CVE-2025-63039 corresponds to a Missing Authorization (Broken Access Control) vulnerability in the WordPress ListingPro theme (ListingPro: ≤2.9.9). Red Hat and ENISA records corroborate the issue affecting ListingPro versions up to 2.9.9 due to incorrectly configured access control security level...

CVE-2025-63047

Missing Authorization vulnerability in CridioStudio ListingPro listingpro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ListingPro: from n/a through = 2.9.9...

EUVD-2025-201981

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CridioStudio ListingPro listingpro-plugin allows DOM-Based XSS.This issue affects ListingPro: from n/a through = 2.9.9...

CVE-2025-63047 WordPress ListingPro theme <= 2.9.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in CridioStudio ListingPro listingpro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ListingPro: from n/a through = 2.9.9...

CVE-2025-63047

CVE-2025-63047 affects the WordPress ListingPro theme (ListingPro) versions

CVE-2025-63046 WordPress ListingPro plugin <= 2.9.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CridioStudio ListingPro listingpro-plugin allows DOM-Based XSS.This issue affects ListingPro: from n/a through = 2.9.9...

PT-2025-50048

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CridioStudio ListingPro listingpro-plugin allows DOM-Based XSS.This issue affects ListingPro: from n/a through = 2.9.9...

WordPress ListingPro theme <= 2.9.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Denver Jackson in WordPress Theme ListingPro versions = 2.9.9...

WordPress ListingPro theme <= 2.9.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme ListingPro versions = 2.9.9...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: mod_security (UTSA-2025-180756)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-180756 advisory. ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. Versions up to and including 2.9.8 are vulnerable to...

EUVD-2023-2189

Malicious code in bioql PyPI...

MAL-2025-5300 Malicious code in commonjs-package (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1eb6fb77a7ed0e6f32859fe04a1eb474d52987aaf21bb24d32c51656ff5de850 Any computer that has this package installed or running should be considered...

Fedora: Security Advisory (FEDORA-2025-7faa0bc6e5)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 41 : mod_security (2025-719f4a7313)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-719f4a7313 advisory. This update includes modsecurity version 2.9.9 which addresses CVE-2025-47947 and includes various bug fixes. See...

SUSE CVE-2025-47947

ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. Versions up to and including 2.9.8 are vulnerable to denial of service in one special case in stable released versions: when the payload's content type is application/json, and there is at...