WordPress PDF for Contact Form 7 + Drag and Drop Template Builder plugin <= 6.3.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Duplication vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Post Duplication vulnerability discovered by Legion Hunter in WordPress Plugin PDF for Contact Form 7 versions = 6.3.3...

CVE-2025-11378

The ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'shortpixelajaxRequest' AJAX action in all versions up to, and including, 6.3.4. This makes it possible for...

EUVD-2025-27453

Malicious code in bioql PyPI...

CVE-2025-58662

Deserialization of Untrusted Data vulnerability in awesomesupport Awesome Support awesome-support allows Object Injection.This issue affects Awesome Support: from n/a through = 6.3.5...

CVE-2025-53340

Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Retrieve Embedded Sensitive Data.This issue affects Awesome Support: from n/a through = 6.3.6...

CVE-2025-53340 WordPress Awesome Support plugin <= 6.3.6 - Sensitive Data Exposure vulnerability

Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Retrieve Embedded Sensitive Data.This issue affects Awesome Support: from n/a through = 6.3.6...

CVE-2025-53340

CVE-2025-53340 affects the WordPress plugin Awesome Support. Public docs describe a Missing Authorization vulnerability in Awesome Support, impacting versions up to 6.3.4 (per CVE entry). Related sources indicate this is an information exposure issue with medium base severity (CVSS 3.1/3.1 base 5...

CVE-2023-41171

NetScout nGeniusONE 6.3.4 build 2298 allows a Stored Cross-Site scripting vulnerability issue 3 of 4...

CVE-2023-41168

NetScout nGeniusONE 6.3.4 build 2298 allows a Stored Cross-Site scripting vulnerability issue 1 of 4...

WordPress 6.3.x < 6.3.4 Cross-Site Scripting

According to its self-reported version number, the detected WordPress application is affected by a Cross-Site Scripting XSS vulnerability affecting the avatar block type. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version...

NetScout nGeniusONE Cross-Site Scripting Vulnerability

NetScout nGeniusONE is a centralized application management and network performance solution from NetScout, Inc. A cross-site scripting vulnerability exists in NetScoutnGeniusOne version v.6.3.4 that could allow a remote attacker to execute arbitrary code via the creator parameter on the Alert...

NetScout nGeniusONE Cross-Site Scripting Vulnerability

NetScout nGeniusONE is a centralized application management and network performance solution from NetScout, Inc. A cross-site scripting vulnerability exists in NetScout nGeniusONE v.6.3.4 that could allow a remote attacker to execute arbitrary code via the name parameter of the Profile and...

PT-2024-12120 · Netscout · Netscout Ngeniusone

Name of the Vulnerable Software and Affected Versions: NetScout nGeniusOne version 6.3.4 Description: An issue in NetScout nGeniusOne allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted file. Recommendations: For NetScout nGeniusOne version 6.3.4, consid...

PT-2024-12119 · Netscout · Netscout Ngeniusone

Name of the Vulnerable Software and Affected Versions: NetScoutnGeniusOne version 6.3.4 Description: A Cross Site Scripting issue allows a remote attacker to execute arbitrary code via the creator parameter of the "Alert Configuration" page. This enables the attacker to perform unauthorized actio...

CVE-2023-41172

NetScout nGeniusONE 6.3.4 build 2298 allows a Stored Cross-Site scripting vulnerability issue 4 of 4...

CVE-2023-41168

NetScout nGeniusONE 6.3.4 build 2298 allows a Stored Cross-Site scripting vulnerability issue 1 of 4...

Cross site scripting

NetScout nGeniusONE 6.3.4 build 2298 allows a Stored Cross-Site scripting vulnerability issue 3 of 4...

PT-2023-27846 · Netscout · Ngeniusone

Name of the Vulnerable Software and Affected Versions: NetScout nGeniusONE version 6.3.4 build 2298 Description: The issue is a Reflected Cross-Site scripting vulnerability. Recommendations: For NetScout nGeniusONE version 6.3.4 build 2298, consider disabling the affected feature or restricting...

NetScout nGeniusONE Security Vulnerability

NetScout nGeniusONE is a centralized application management and network performance solution from NetScout, Inc. A security vulnerability exists in NetScout nGeniusONE version 6.3.4. An attacker can exploit this vulnerability to conduct cross-site scripting attacks...

NetScout nGeniusONE Security Vulnerability

NetScout nGeniusONE is a centralized application management and network performance solution from NetScout, Inc. A security vulnerability exists in NetScout nGeniusONE version 6.3.4. An attacker can exploit this vulnerability to conduct cross-site scripting attacks...