6 matches found
CVE-2026-13489
A weakness has been identified in 78 xiaozhi-esp32 up to 2.2.6. Affected by this issue is the function ParseMessage of the file main/mcpserver.cc of the component MCP Response Handler. This manipulation causes improper synchronization. Remote exploitation of the attack is possible. The attack's...
PT-2026-53102
Name of the Vulnerable Software and Affected Versions xiaozhi-esp32 versions prior to 2.2.7 Description A weakness in the MCP Response Handler component allows for improper synchronization. This issue occurs within the ParseMessage function located in the main/mcp server.cc file. Remote...
WordPress Review Schema plugin <= 2.2.6 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Doan Dinh Van in WordPress Plugin Review Schema versions = 2.2.6...
CVE-2025-67550
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rhewlif Donation Thermometer donation-thermometer allows Stored XSS.This issue affects Donation Thermometer: from n/a through = 2.2.6...
CVE-2025-67550 WordPress Donation Thermometer plugin <= 2.2.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rhewlif Donation Thermometer donation-thermometer allows Stored XSS.This issue affects Donation Thermometer: from n/a through = 2.2.6...
PT-2023-30650 · WordPress · Wpforo Forum
Name of the Vulnerable Software and Affected Versions: wpForo Forum versions through 2.2.6 Description: The issue is related to Cross-Site Request Forgery CSRF and Missing Authorization, allowing unauthorized access to functionality not properly constrained by Access Control Lists ACLs. This can...