CVE-2026-6898

The Wishlist Member plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'WishListMember3Hooks::generateapikey' function in all versions up to, and including, 3.30.1. This makes it possible for authenticated attackers, with...

WordPress Wishlist Member plugin <= 3.30.1 - Missing Authorization to Authenticated (Subscriber+) API Secret Key Disclosure and Privilege Escalation vulnerability

Missing Authorization to Authenticated Subscriber+ API Secret Key Disclosure and Privilege Escalation vulnerability discovered by h0xilo in WordPress Plugin WishList Member X versions = 3.30.1...

WordPress Wishlist Member plugin <= 3.30.1 - Missing Authorization to Authenticated (Subscriber+) Generate API Secret Key vulnerability

Missing Authorization to Authenticated Subscriber+ Generate API Secret Key vulnerability discovered by h0xilo in WordPress Plugin WishList Member X versions = 3.30.1...

CVE-2026-6895

The WishList Member plugin for WordPress is vulnerable to Missing Authorization leading to Sensitive Information Disclosure and Privilege Escalation in versions up to and including 3.30.1. This is due to the missing capability checks in the 'exportsettings' function. This function returns the RES...

WordPress plugin WishList Member 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

Astra Linux - уязвимость в sqlite3

SQLite 3.30.1 improperly handles pExpr-y.pTab, as demonstrated by the TKCOLUMN case in sqlite3ExprCodeTarget in expr.c...

Astra Linux - уязвимость в sqlite3

In SQLite 3.30.1, the exprListAppendList function in the window.c file allows attackers to trigger a invalid pointer dereferencing issue, as constant integer values in ORDER BY clauses of window definitions are handled incorrectly...

CVE-2025-40681 Cross-Site Scripting (XSS) in xCally Omnichannel

Cross-site Scripting XSS vulnerability reflected in xCally's Omnichannel v3.30.1. This vulnerability allowsan attacker to executed JavaScript code in the victim's browser by sending them a malicious URL using the 'failureMessage' parameter in '/login'. This vulnerability can be exploited to steal...

PT-2025-46825

Name of the Vulnerable Software and Affected Versions xCally Omnichannel version 3.30.1 Description A cross-site scripting XSS issue exists in xCally's Omnichannel version 3.30.1. The issue allows an attacker to execute JavaScript code in a victim’s browser. This is achieved by sending a maliciou...

CVE-2023-33325

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Teplitsa of social technologies Leyka plugin = 3.30.1 versions...

WordPress Leyka Plugin <= 3.30.1 is vulnerable to Cross Site Scripting (XSS)

Software Leyka Type Plugin Vulnerable versions = 3.30.1 Fixed in 3.30.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-33325 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6d835c492683 Credits thiennv Required privileg...

SUSE CVE-2019-19926

multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880...

sqlite: mishandling of certain SELECT statements with non-existent VIEW can lead to DoS

SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash...

SQLite Buffer Overflow Vulnerability (CNVD-2020-01917)

SQLite is the United States D. Richard Hipp software developers of a set of C-based open source embedded relational database management system. The system is characterized by independence, isolation, cross-platform and so on. A buffer overflow vulnerability exists in the ext/misc/zipfile.c file i...

PT-2020-10376 · Sqlite +6 · Sqlite +6

Name of the Vulnerable Software and Affected Versions: SQLite version 3.30.1 Description: The issue is related to the selectExpander function in the select.c file of SQLite. This function proceeds with WITH stack unwinding even after a parsing error occurs. Recommendations: For SQLite version...

SQLite Input Validation Error Vulnerability

SQLite is the United States D. Richard Hipp software developers of a set of C-based open source embedded relational database management system. The system is characterized by independence, isolation, cross-platform and so on. An input validation error vulnerability exists in multiSelect in the...

SQLite Code Issue Vulnerability (CNVD-2020-22686)

SQLite is the United States D. Richard Hipp software developers of a set of C-based open source embedded relational database management system. The system is characterized by independence, isolation, cross-platform and so on. A security vulnerability exists in zipfileUpdate in the...

Unspecified Vulnerability in SQLite (CNVD-2020-03730)

SQLite is the United States D. Richard Hipp software developers of a set of C-based open source embedded relational database management system. The system is characterized by independence, isolation, cross-platform and so on. SQLite version 3.30.1 there is a security vulnerability , the...

SQLite Code Issue Vulnerability (CNVD-2020-22809)

SQLite is the United States D. Richard Hipp software developers of a set of C-based open source embedded relational database management system. The system is characterized by independence, isolation, cross-platform and so on. SQLite 3.30.1 version of the select.c file of multiSelect there is a co...

SQLite code issue vulnerability (CNVD-2020-09632)

SQLite is a self-contained, serverless, zero-configuration, transactional SQL database engine. A code issue vulnerability exists in the pragma.c file in SQLite 3.30.1 and earlier versions. No detailed vulnerability details are provided at this time...