CVE-2026-11447

Summary: CVE-2026-11447 affects GL.iNet GL-MT3000 (firmware up to 4.4.5), specifically the MTK Backend component’s file iwinfo.so and the function iwinfo_backend. By manipulating the device argument, an attacker can trigger a remote command injection , with exploitation reportedly public. The iss...

CVE-2024-34825

Cross-Site Request Forgery CSRF vulnerability in Warfare Plugins Social Warfare.This issue affects Social Warfare: from n/a through 4.4.5.1...

CVE-2024-4383

The Simple Membership plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'swpmpaypalsubscriptioncancellink' shortcode in all versions up to, and including, 4.4.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

Hitachi Content Platform Anywhere (HCP-AW) 信息泄露漏洞

Hitachi Content Platform Anywhere Hcp-Aw is a fully integrated on-premise solution from Hitachi, Japan. for providing secure file synchronization and sharing services. An information disclosure vulnerability exists in Hitachi Content Platform Anywhere HCP-AW versions 4.4.5 and earlier, which can ...