WordPress Takeads plugin <= 1.0.13 - Missing Authorization to Plugin Settings Deletion vulnerability

Missing Authorization to Plugin Settings Deletion vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin Takeads versions = 1.0.13...

EUVD-2025-203575

Missing Authorization vulnerability in merkulove Coder for Elementor coder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Coder for Elementor: from n/a through = 1.0.13...

@228-fund/elysia-effect (=0.0.1), @228-fund/elysia-msgpack (>=0.0.1 <=0.0.3) +59 more potentially affected by CVE-2025-66457 via elysia (>=1.0.13 <=1.4.16)

elysia NPM version =1.0.13, =0.0.1, =0.1.0, =0.0.1, =0.1.0, =0.1.4, =0.1.0, =0.1.0, =1.0.0-next.4, =1.0.0, =0.0.1, =1.0.3, =1.1.0, =1.1.2 - @fangorn-network/fetch =2026.4.0-9.dev and more Source cves: CVE-2025-66457 Source advisory: SNYK:JS-ELYSIA-14287466...

WordPress plugin Takeads 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

GatesAir Flexiva-LX Series 安全漏洞

The GatesAir Flexiva-LX Series is a series of solid-state FM transmitters from GatesAir USA. A security vulnerability exists in the GatesAir Flexiva-LX Series versions 1.0.13 and 2.0 that originates from a publicly accessible log file exposing sensitive session identifiers, which could lead to...

EUVD-2025-15488

Malicious code in bioql PyPI...

WordPress plugin History Log by click5 SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability exists in...

PT-2025-7754 · Seo Roma · Auto Tag Links

Name of the Vulnerable Software and Affected Versions: Free plug in by SEO Roma Auto Tag Links versions 1.0.13 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that affects the Auto Tag Links plug-in, allowing unauthorized requests to be made on behalf of the...

PT-2023-29838 · Userback · Userback

Name of the Vulnerable Software and Affected Versions: Userback plugin versions 1.0.13 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web application that the user is...

CVE-2023-2402

The Photo Gallery Slideshow & Masonry Tiled Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the searchterm parameter in versions up to, and including, 1.0.13 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

freeFTPd 代码问题漏洞

freeFTPd is an open source FTP File Transfer Protocol server. A security vulnerability exists in freeFTPd versions 1.0.13 and below that allows local users to start processes with elevated privileges...

DEBIAN-CVE-2010-2286

The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service infinite loop via unknown vectors...