CVE-2026-39618 WordPress NewsExo theme <= 7.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in themearile NewsExo newsexo allows Cross Site Request Forgery.This issue affects NewsExo: from n/a through = 7.1...

PT-2026-20706

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VeronaLabs WP SMS wp-sms allows DOM-Based XSS.This issue affects WP SMS: from n/a through = 7.1...

CVE-2021-22193

An issue has been discovered in GitLab affecting all versions starting with 7.1. A member of a private group was able to validate the use of a specific name for private project...

CVE-2023-25463

Cross-Site Request Forgery CSRF vulnerability in Gopi Ramasamy WP tell a friend popup form plugin = 7.1 versions...

CVE-2021-41189

DSpace is an open source turnkey repository application. In version 7.0, any community or collection administrator can escalate their permission up to become system administrator. This vulnerability only exists in 7.0 and does not impact 6.x or below. This issue is patched in version 7.1. As a...

WordPress WP JobHunt plugin <= 7.1 - Unauthenticated Privilege Escalation via Email Update/Account Takeover vulnerability

Unauthenticated Privilege Escalation via Email Update/Account Takeover vulnerability discovered by Tonn in WordPress Plugin WP JobHunt versions = 7.1...

Fortinet FortiADC 信息泄露漏洞

Fortinet FortiADC is an application delivery controller from Fortinet, Inc. An information disclosure vulnerability exists in Fortinet FortiADC, which stems from the exposure of sensitive information and could lead to obtaining passwords for external resources. The following versions are affected...

EUVD-2025-33894

IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an authenticated user on the network to delete reviews from other users due to client-side enforcement of server-side security...

EUVD-2021-19328

Malware in sbrugna...

EUVD-2020-18467

Malware in sbrugna...

EUVD-2012-0776

Malware in sbrugna...

EUVD-2022-37411

Malicious code in bioql PyPI...

EUVD-2022-42816

Malicious code in bioql PyPI...

CVE-2024-39174

A cross-site scripting XSS vulnerability in the Publish Article function of yzmcms v7.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into a published article...

CVE-2021-42566

myfactory.FMS before 7.1-912 allows XSS via the Error parameter...

CVE-2013-2299

Cross-site scripting XSS vulnerability in Advantech WebAccess formerly BroadWin WebAccess before 7.1 2013.05.30 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

CVE-2024-12810

The JobCareer | Job Board Responsive WordPress Theme theme for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability checks on multiple functions in all versions up to, and including, 7.1. This makes it possible for authenticated attackers, wit...

CVE-2025-1373

A vulnerability was found in FFmpeg up to 7.1. It has been rated as problematic. Affected by this issue is the function movreadtrak of the file libavformat/mov.c of the component MOV Parser. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The...

FFmpeg < 7.2 Out-of-bounds Read

The version of FFmpeg installed on the remote host is 7.1 prior to 7.2. It is, therefore, affected by a vulnerability: - Unchecked Return Value, Out-of-bounds Read vulnerability in FFmpeg allows Read Sensitive Constants Within an executable. CVE-2025-0518 Nessus has not tested for these issues bu...

WordPress File Manager Plugin < 7.1 XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:webdesi9:filemanager"; if description...