CVE-2026-25379 WordPress StreamVid theme < 6.8.6 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in jwsthemes StreamVid streamvid allows PHP Local File Inclusion.This issue affects StreamVid: from n/a through 6.8.6...

WordPress plugin StreamVid 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVE-2024-1799

The GamiPress – The 1 gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to SQL Injection via the 'achievementtypes' attribute of the gamipressearnings shortcode in all versions up to, and including, 6.8.6 due to insufficient escapin...

Rocket.Chat 安全漏洞

Rocket.Chat is a chat program from Rocket.Chat Inc. A security vulnerability exists in Rocket.Chat. An attacker exploiting this vulnerability is able to abuse the UpdateOTRAck method. The following versions are affected: version 6.12.0, version 6.11.2, version 6.10.5, version 6.9.6, version 6.8.6...

Cross site scripting

A vulnerability classified as problematic has been found in yikes-inc-easy-mailchimp-extender Plugin up to 6.8.5. This affects an unknown part of the file admin/partials/ajax/addfieldtoform.php. The manipulation of the argument fieldname/mergetag/fieldtype/listid leads to cross site scripting. It...

WordPress Easy Forms for Mailchimp plugin <= 6.8.5 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by JrXnm in WordPress Easy Forms for Mailchimp plugin versions = 6.8.5. Solution Update the WordPress Easy Forms for Mailchimp plugin to the latest available version at least 6.8.6...