CVE-2025-13438 Page Title, Description & Open Graph Updater <= 1.02 - Cross-Site Request Forgery to Arbitrary Page Title Modification

The Page Title, Description & Open Graph Updater plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.02. This is due to missing nonce validation on multiple AJAX actions including dienoupdatepagetitle. This makes it possible for unauthenticated...

WordPress plugin WP Hello Bar has a cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVE-2025-10150

Webserver crash caused by scanning on TCP port 80 in Softing Industrial Automation GmbH gateways and switch.This issue affects smartLink HW-PN: from 1.02 through 1.03 smartLink HW-DP: 1.31...

PT-2025-44089

Name of the Vulnerable Software and Affected Versions Softing smartLink HW-PN versions 1.02 through 1.03 Softing smartLink HW-DP version 1.31 Description A webserver crash can occur due to scanning on TCP port 80 in Softing Industrial Automation GmbH gateways and switches. The issue is triggered ...

CVE-2025-44830

EngineerCMS v1.02 through v.2.0.5 has a SQL injection vulnerability in the /project/addprojtemplet interface...

WordPress WPMU Prefill Post Plugin <= 1.02 - SQL Injection vulnerability

SQL Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin WPMU Prefill Post versions = 1.02...

VulnCheck KEV: CVE-2024-23842

Improper Input Validation in Hitron Systems DVR LGUVR-16H 1.024.02 allows an attacker to cause network attack in case of using defalut admin ID/PW...

Hitron Systems DVR Security Vulnerability

Hitron Systems DVR is a digital video recorder from Hitron Systems, a South Korean company. A security vulnerability exists in Hitron Systems DVR LGUVR-8H versions 1.02 through 4.02, which originates from incorrect input validation. An attacker could exploit the vulnerability to trigger a cyber...

PT-2024-2534

Name of the Vulnerable Software and Affected Versions Hitron Systems DVR LGUVR-4H versions 1.02 through 4.02 Description The issue is related to the use of default credentials in the Hitron Systems DVR LGUVR-4H, which can be exploited by a remote attacker to cause a denial of service by utilizing...

CVE-2022-4621

Panasonic Sanyo CCTV Network Cameras versions 1.02-05 and 2.03-0x are vulnerable to CSRFs that can be exploited to allow an attacker to perform changes with administrator level privileges...

多款Panasonic产品跨站请求伪造漏洞

The Panasonic VCC-HD5600P, among others, is a surveillance camera from Panasonic Corporation Panasonic of Japan. A cross-site request forgery vulnerability exists in multiple Panasonic products, versions 1.02-05 and 2.03-0x, which stems from vulnerability to cross-site request forgery attacks. An...

CVE-2017-2274

Cross-site scripting vulnerability in WMR-433 firmware Ver.1.02 and earlier, WMR-433W firmware Ver.1.40 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...