EUVD-2026-30546

An issue in Nodemailer smtpserver before v.3.18.3 allows a remote attacker to cause a denial of service via the SMTPStream.write, lib/smtp-stream.js components...

CVE-2025-53349

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Laborator Kalium kalium allows Reflected XSS.This issue affects Kalium: from n/a through = 3.18.3...

CVE-2025-53349 WordPress Kalium Theme <= 3.18.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Laborator Kalium kalium allows Reflected XSS.This issue affects Kalium: from n/a through = 3.18.3...

EUVD-2025-37993

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Laborator Kalium kalium allows Reflected XSS.This issue affects Kalium: from n/a through = 3.18.3...

EUVD-2025-24900

Malicious code in bioql PyPI...

CVE-2025-53348

Missing Authorization vulnerability in Laborator Kalium kalium allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kalium: from n/a through = 3.18.3...

CVE-2025-53348

CVE-2025-53348 is a WordPress Kalium theme vulnerability (versions ≤ 3.18.3) described by Patchstack as a Broken Access Control / Missing Authorization issue, exploitable unauthenticatedly with a CVSS v3.1 base score of 5.3 (Medium). Patchstack notes that a fix is not available, classifying the p...

CVE-2025-53348 WordPress Kalium Theme <= 3.18.3 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Laborator Kalium kalium allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kalium: from n/a through = 3.18.3...

WordPress plugin Kalium 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress Kalium Theme <= 3.18.3 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Ananda Dhakal Patchstack in WordPress Theme Kalium versions = 3.18.3...

12 Step Meeting List < 3.18.4 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The 12 Step Meeting List plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 3.18.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, ...

CVE-2025-53347

Cross-Site Request Forgery CSRF vulnerability in Laborator Kalium kalium allows Cross Site Request Forgery.This issue affects Kalium: from n/a through = 3.18.3...

CVE-2025-53347 WordPress Kalium Theme <= 3.18.3 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Laborator Kalium kalium allows Cross Site Request Forgery.This issue affects Kalium: from n/a through = 3.18.3...

CVE-2025-53347 WordPress Kalium Theme <= 3.18.3 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Laborator Kalium kalium allows Cross Site Request Forgery.This issue affects Kalium: from n/a through = 3.18.3...

CVE-2025-54054 WordPress 12 Step Meeting List Plugin <= 3.18.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AA Web Servant 12 Step Meeting List 12-step-meeting-list allows Stored XSS.This issue affects 12 Step Meeting List: from n/a through = 3.18.3...

CVE-2025-54054

CVE-2025-54054 : WordPress plugin “12 Step Meeting List” is affected by a Stored XSS due to improper input neutralization during web page generation. Affected versions are 12 Step Meeting List up to 3.18.3. Connected sources confirm this as a real vulnerability entry and indicate a patch exists; ...

WordPress Kalium Theme <= 3.18.3 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Ananda Dhakal Patchstack in WordPress Theme Kalium versions = 3.18.3...

WordPress Kalium Theme <= 3.18.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software Kalium Type Theme Vulnerable versions = 3.18.3 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2025-53347 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 959fedc4e441 Credits Ananda Dhakal Patchstack...

PT-2025-33375 · Laborator · Kalium

Name of the Vulnerable Software and Affected Versions: Kalium versions n/a through 3.18.3 Description: A Cross-Site Request Forgery CSRF vulnerability exists in Laborator Kalium, allowing attackers to perform actions on behalf of authenticated users. Recommendations: Update Kalium to a version...

openSUSE Security Advisory (SUSE-SU-2025:02121-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...