CVE-2026-8048

The My Email Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'subject' shortcode attribute in the 'my-email' shortcode in all versions up to, and including, 0.91 due to insufficient input sanitization and output escaping. This makes it possible for authenticate...

Django vulnerable to Denial of Service via i18n middleware component

The internationalization i18n framework in Django 0.91, 0.95, 0.95.1, and 0.96, and as used in other products such as PyLucid, when the USEI18N option and the i18n component are enabled, allows remote attackers to cause a denial of service memory consumption via many HTTP requests with large...

PT-2021-7703 · Inkscape +2 · Inkscape +2

Name of the Vulnerable Software and Affected Versions: Inkscape versions 0.19 through 0.91 Description: The issue is related to an out-of-bounds write, which may allow an attacker to execute arbitrary code. This could potentially enable a remote attacker to access confidential data, compromise it...

PYSEC-2008-1

Cross-site scripting XSS vulnerability in the login form in the administration application in Django 0.91 before 0.91.2, 0.95 before 0.95.3, and 0.96 before 0.96.2 allows remote attackers to inject arbitrary web script or HTML via the URI of a certain previous request...