233 matches found
CVE-2026-57345
Unauthenticated Cross Site Scripting XSS in Internal Links Manager = 3.0.3 versions...
EUVD-2026-40106
Subscriber Broken Access Control in Ads by WPQuads = 3.0.3 versions...
PT-2026-53296
Name of the Vulnerable Software and Affected Versions Ads by WPQuads versions prior to 3.0.4 Description Broken access control allows users with the Subscriber role to perform unauthorized actions. Recommendations Update Ads by WPQuads to version 3.0.4 or later...
EUVD-2026-39784
Unauthenticated Sensitive Data Exposure in Ads by WPQuads = 3.0.3 versions...
CVE-2026-54824
Unauthenticated sensitive data exposure affecting the WordPress Ads by WPQuads plugin ≤ 3.0.3. Affected component: the WPQuads Ads plugin for WordPress. Root cause: unspecified in the provided documents; the vulnerability is described as unauthenticated exposure. Impact: sensitive data exposure w...
CVE-2026-49073 WordPress Directorist Booking plugin <= 3.0.3 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in wpWax Directorist Booking allows Blind SQL Injection. This issue affects Directorist Booking: from n/a through 3.0.3...
PT-2026-50125
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in wpWax Directorist Booking allows Blind SQL Injection. This issue affects Directorist Booking: from n/a through 3.0.3...
EUVD-2026-36997
Subscriber Broken Access Control in myCred = 3.0.3 versions...
CVE-2026-40794 WordPress myCred plugin <= 3.0.3 - Broken Access Control vulnerability
Subscriber Broken Access Control in myCred = 3.0.3 versions...
CVE-2026-40794 WordPress myCred plugin <= 3.0.3 - Broken Access Control vulnerability
Subscriber Broken Access Control in myCred = 3.0.3 versions...
CVE-2026-39449
CVE-2026-39449 is an unauthenticated Cross Site Scripting (XSS) vulnerability in the WordPress plugin Contact Form to Any API for versions ≤ 3.0.3. The issue is documented by Patchstack and CVEs listed in connected records; affected component is the plugin and the root cause details are not discl...
PT-2026-49431
Subscriber Broken Access Control in myCred = 3.0.3 versions...
EZB Systems Softdisk 安全漏洞
EZB Systems Softdisk is a tool software developed by EZB Systems Corporation, used for creating and managing virtual disks and disk images. Version 3.0.3 of EZB Systems Softdisk contains a security vulnerability. This vulnerability stems from a buffer overflow in the registration code dialog box,...
WordPress Contact Form to Any API plugin <= 3.0.3 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by 0xManticore in WordPress Plugin Contact Form to Any API versions = 3.0.3...
CVE-2026-39625 WordPress TechOne theme <= 3.0.3 - Arbitrary Shortcode Execution vulnerability
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in kutethemes TechOne techone allows Code Injection.This issue affects TechOne: from n/a through = 3.0.3...
CVE-2026-39625 WordPress TechOne theme <= 3.0.3 - Arbitrary Shortcode Execution vulnerability
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in kutethemes TechOne techone allows Code Injection.This issue affects TechOne: from n/a through = 3.0.3...
PT-2026-31190
CVE-2026-39625 Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in kutethemes TechOne techone allows Code Injection.This issue affects Tec… https://t.co/G5AXQK2cTi...
CVE-2026-32535
Authorization Bypass Through User-Controlled Key vulnerability in JoomSky JS Help Desk js-support-ticket allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk: from n/a through = 3.0.3...
EUVD-2026-15909
Authorization Bypass Through User-Controlled Key vulnerability in JoomSky JS Help Desk js-support-ticket allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk: from n/a through = 3.0.3...
EUVD-2026-15907
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in JoomSky JS Help Desk js-support-ticket allows Blind SQL Injection.This issue affects JS Help Desk: from n/a through = 3.0.3...