10 matches found
EUVD-2026-37624
Unauthenticated Cross Site Scripting XSS in WPFunnels Pro = 2.9.4 versions...
Important: Red Hat Security Advisory: Assisted Installer RHEL 9 components for Multicluster Engine for Kubernetes 2.9.4
Assisted installer RHEL 9 components for the multicluster engine for Kubernetes 2.9.4 General Availability release, with updates to container images. Assisted Installer RHEL 9 integrates components for the general multicluster engine for Kubernetes 2.9.4 release that simplify the process of...
CVE-2025-8388
The PowerPack Elementor Addons Free Widgets, Extensions and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘cursorurl’ parameter in all versions up to, and including, 2.9.4 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2021-37478
In NavigateCMS version 2.9.4 and below, function block is vulnerable to sql injection on parameter block-order, which results in arbitrary sql query execution in the backend database...
WordPress ListingPro theme <= 2.9.4 - Unauthenticated SQL Injection vulnerability
Unauthenticated SQL Injection vulnerability discovered by Rafie Muhammad Patchstack in WordPress Theme ListingPro versions = 2.9.4...
PT-2024-23907 · Unknown · Aerin Loan Repayment Calculator/Application Form
Name of the Vulnerable Software and Affected Versions: aerin Loan Repayment Calculator and Application Form versions 2.9.4 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintende...
SUSE CVE-2023-45805
pdm is a Python package and dependency manager supporting the latest PEP standards. It's possible to craft a malicious pdm.lock file that could allow e.g. an insider or a malicious open source project to appear to depend on a trusted PyPI project, but actually install another project. A project f...
DEBIAN-CVE-2023-45805
pdm is a Python package and dependency manager supporting the latest PEP standards. It's possible to craft a malicious pdm.lock file that could allow e.g. an insider or a malicious open source project to appear to depend on a trusted PyPI project, but actually install another project. A project f...
PT-2023-11358 · Unknown · Happyman Twmap
Name of the Vulnerable Software and Affected Versions: happyman twmap versions prior to v2.9 v4.31 Description: A critical issue was found in happyman twmap, affecting an unknown functionality of the file twmap3/data/ajaxCRUD/pointdata2.php. The manipulation of the id argument leads to sql...
Electrum Python Console Bitcoin Theft Vulnerability
Electrum is a lightweight bitcoin client software. python console is one of the python console programs. A security vulnerability exists in the Python console in Electrum versions 2.9.4 and earlier and versions 3.x through 3.0.5. An attacker can exploit this vulnerability to steal bitcoins with t...