EUVD-2026-15863

Deserialization of Untrusted Data vulnerability in Edge-Themes Gracey gracey allows Object Injection.This issue affects Gracey: from n/a through 1.4...

SUSE CVE-2025-54314

Thor before 1.4.0 can construct an unsafe shell command from library input. NOTE: this is disputed by the Supplier because "the method that was fixed can only be used with arguments that are controlled by Thor, and there is no way an attacker can take control of those arguments."...

CVE-2025-1626 Qi Blocks < 1.4 - Contributor+ Stored XSS vi Countdown Block

The Qi Blocks WordPress plugin before 1.4 does not validate and escape some of its Countdown block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2025-1625 Qi Blocks < 1.4 - Contributor+ Stored XSS via Counter Block

The Qi Blocks WordPress plugin before 1.4 does not validate and escape some of its Counter block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

WordPress plugin Qi Blocks 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

WordPress Edd Google Sheet Connector Pro plugin < 1.4 - Cross-Site Request Forgery to Access Code Update vulnerability

Cross-Site Request Forgery to Access Code Update vulnerability discovered by Erwan LR in WordPress Plugin Edd Google Sheet Connector Pro versions 1.4...

Zoom Jenkins Marketplace plugin 安全漏洞

Zoom Jenkins Marketplace plugin is a plugin from Zoom USA. A security vulnerability exists in Zoom Jenkins Marketplace plugin versions prior to 1.4 that originates from storing sensitive information in plaintext. An attacker can exploit the vulnerability to disclose sensitive information...

PT-2024-15359 · Arm · Arm Cortex-M Security Extensions

Name of the Vulnerable Software and Affected Versions: Software using Cortex-M Security Extensions CMSE compiled using toolchains that implement 'Arm v8-M Security Extensions Requirements on Development Tools' prior to version 1.4 Description: The issue is related to insufficient argument checkin...

Wordpress Vospari Forms plugin cross-site scripting vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language , the platform supports PHP and MySQL server set up a personal blog site . wordpress Vospari Forms is one of the registration form plugin . form submission is one of the form submission...