EUVD-2026-24550

An improper authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated attacker to determine the names of private repositories by their numeric ID. The mobile upload policy API endpoint did not perform an early authorization check, and validation error...

CVE-2026-5512

An improper authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated attacker to determine the names of private repositories by their numeric ID. The mobile upload policy API endpoint did not perform an early authorization check, and validation error...

CVE-2025-47500

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Benjamin Intal Stackable stackable-ultimate-gutenberg-blocks allows Stored XSS.This issue affects Stackable: from n/a through = 3.19.5...

CVE-2025-47500 WordPress Stackable plugin <= 3.19.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Benjamin Intal Stackable stackable-ultimate-gutenberg-blocks allows Stored XSS.This issue affects Stackable: from n/a through = 3.19.5...

WordPress plugin stackable-ultimate-gutenberg-blocks has a cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. The WordPre...

WordPress Frontend Admin by DynamiApps Plugin <= 3.19.4 is vulnerable to Privilege Escalation

Software Frontend Admin by DynamiApps Type Plugin Vulnerable versions = 3.19.4 Fixed in 3.19.5 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-3729 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 4ebfbce29f56...