Meneame English Pligg SQL注入漏洞

Meneame English Pligg is a social news website aggregation script developed by the Meneame community. Version 5.8 of Meneame English Pligg contains an SQL injection vulnerability. This vulnerability stems from the search parameter in the index.php file, which allows for SQL injections, potentiall...

CVE-2025-60086

Missing Authorization vulnerability in Matt WP Voting Contest wp-voting-contest allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Voting Contest: from n/a through = 5.8...

EUVD-2025-199904

OrangeHRM is a comprehensive human resource management HRM system. From version 5.0 to 5.7, the application’s recruitment attachment retrieval endpoint does not enforce the required authorization checks before serving candidate files. Even users restricted to ESS-level access, who have no...

EUVD-2021-25584

Malware in sbrugna...

EUVD-2021-25583

Malware in sbrugna...

EUVD-2021-28278

Malicious code in bioql PyPI...

EUVD-2025-7824

Malicious code in bioql PyPI...

EUVD-2024-35070

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2021-39201

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Impact The issue allows an authenticat...

Linux Distros Unpatched Vulnerability : CVE-2020-15436

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free vulnerability in fs/blockdev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging...

CVE-2025-50017

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Matt WP Voting Contest wp-voting-contest allows Stored XSS.This issue affects WP Voting Contest: from n/a through = 5.8...

CVE-2025-50017 WordPress WP Voting Contest plugin <= 5.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Matt WP Voting Contest wp-voting-contest allows Stored XSS.This issue affects WP Voting Contest: from n/a through = 5.8...

CVE-2021-41175

Pi-hole's Web interface based on AdminLTE provides a central location to manage one's Pi-hole and review the statistics generated by FTLDNS. Prior to version 5.8, cross-site scripting is possible when adding a client via the groups-clients management page. This issue was patched in version 5.8...

CVE-2021-39203

WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions authenticated users who don't have permission to view private post types/data can bypass restrictions in the block editor under certain conditions. This...

Amazon Linux AMI : ctags (ALAS-2025-1974)

The version of ctags installed on the remote host is prior to 5.8-2.7. It is, therefore, affected by a vulnerability as referenced in the ALAS-2025-1974 advisory. A flaw was found in Exuberant Ctags in the way it handles the -o option. This option specifies the tag filename. A crafted tag filenam...

WordPress MP3 Audio Player plugin <= 5.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin MP3 Audio Player for Music, Radio & Podcast by Sonaar versions = 5.8...

WordPress plugin Library Bookshelves 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress WP Scraper Plugin <= 5.7 is vulnerable to Broken Access Control

Software WP Scraper Type Plugin Vulnerable versions = 5.7 Fixed in 5.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3663 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 6a3b87c193df Credits Lucio Sá Required privilege Subscriber...

BIT-WORDPRESS-2021-39203

WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions authenticated users who don't have permission to view private post types/data can bypass restrictions in the block editor under certain conditions. This...

PT-2023-14944 · Scone · Scone

Name of the Vulnerable Software and Affected Versions: SCONE versions prior to 5.8.0 Description: The issue is related to the improper initialization of x87 and SSE floating-point configuration registers in the scone entry component of SCONE for Intel SGX. This allows a local attacker to compromi...