CVE-2026-25410

Missing Authorization vulnerability in tstephenson WP-CORS wp-cors allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-CORS: from n/a through = 0.2.2...

@afaizal/apidoc-swagger (>=0.2.2 <=0.3.7), @b1cloud/apidoc-postman (=1.0.0) +93 more potentially affected by CVE-2025-13158 via apidoc-core (>=0.2.2 <=0.8.3)

apidoc-core NPM version =0.2.2, =0.2.2, =1.0.2, =1.0.1, =1.0.5, =4.1.2, =0.0.0, =1.0.2, =4.5.0, =0.17.6, =0.17.9 - abstract-scheduler =0.6.0 and more Source cves: CVE-2025-13158 Source advisory: SNYK:JS-APIDOCCORE-14723211...

CVE-2025-13906

The WP Flot plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'linechart' shortcode in all versions up to, and including, 0.2.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

@asyncapi-actions-test/trusted-publishing-test_asyncapi-cli (>=4.1.3 <=5.4.0), @asyncapi/cli (>=0.13.0 <=6.0.0) +4 more potentially affected by unknown CVE via @asyncapi/diff (>=0.2.2 <=0.5.0)

@asyncapi/diff NPM version =0.2.2, =4.1.3, =0.13.0, =0.16.0, =0.10.0, =1.4.14, =1.4.39 - trusted-publishing-testasyncapi-cli =4.1.3 Source cves: unknown CVE Source advisory: OSV:MAL-2025-190655...

CVE-2025-26919

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tainacan Tainá taina allows Stored XSS.This issue affects Tainá: from n/a through 0.2.5...

WordPress Tainá plugin <= 0.2.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter in WordPress Theme Tainá versions 0.2.5...

agentverse (=0.1.8.1), airoboros (=2.1.1) +35 more potentially affected by CVE-2024-11603 via fschat (>=0.2.2 <=0.2.36)

fschat PYPI version =0.2.2, =0.3.0, =0.0.1, =1.1.0, =0.1.1, =0.1.1, =0.9.0.8, =0.1.1, =0.1.8 and more Source cves: CVE-2024-11603 Source advisory: SNYK:PYTHON-FSCHAT-9553181...

agentverse (=0.1.8.1), airoboros (=2.1.1) +35 more potentially affected by CVE-2024-10907 via fschat (>=0.2.2 <=0.2.36)

fschat PYPI version =0.2.2, =0.3.0, =0.0.1, =1.1.0, =0.1.1, =0.1.1, =0.9.0.8, =0.1.1, =0.1.8 and more Source cves: CVE-2024-10907 Source advisory: OSV:GHSA-QG86-F892-M4HJ...

PT-2024-22316

Name of the Vulnerable Software and Affected Versions turbo boost-commands versions prior to 0.1.3 turbo boost-commands versions prior to 0.2.2 Description TurboBoost Commands has existing protections in place to guarantee that only public methods on Command classes can be invoked; however, the...