WordPress plugin AIWU security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

CVE-2026-45364

Better Auth is an authentication and authorization library for TypeScript. Prior to 1.4.17 and 1.5.0-beta.9, Better Auth's HTTP rate limiter keyed each request by the exact textual IP address it received in x-forwarded-for or the configured IP-bearing header. IPv6 clients controlling a typical /6...

CVE-2025-66457

CVE-2025-66457 affects Elysia (TypeScript framework). Vulnerability: when dynamic cookies are enabled and a cookie schema exists, the cookie config can be injected into compiled routes without sanitisation, enabling Arbitrary Code Injection. Root cause: unsanitized dynamic cookie configuration in...

@asyncapi/cli (>=2.16.8 <=4.1.1), @asyncapi/server-api (=0.16.23) +1 more potentially affected by unknown CVE via @asyncapi/converter (>=1.4.17 <=1.5.0)

@asyncapi/converter NPM version =1.4.17, =2.16.8, =0.21.4, =1.1.0 Source cves: unknown CVE Source advisory: SNYK:JS-ASYNCAPICONVERTER-14103251...

CVE-2025-58195 WordPress Xpro Elementor Addons Plugin <= 1.4.17 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons allows Stored XSS.This issue affects Xpro Elementor Addons: from n/a through = 1.4.17...

XStream 代码问题漏洞

XStream is an open source Java class library that is mainly used to serialize objects to XML JSON or deserialize them to objects.XStream 1.4.17 and earlier versions have an arbitrary code execution vulnerability that can be exploited by attackers to cause arbitrary code execution...

XStream 代码问题漏洞

XStream is an open source Java class library that is mainly used to serialize objects to XML JSON or deserialize them to objects.XStream 1.4.17 and earlier versions have an arbitrary code execution vulnerability that can be exploited by attackers to cause arbitrary code execution...

XStream 代码问题漏洞

XStream is an open source Java class library that is mainly used to serialize objects to XML JSON or deserialize them to objects.XStream 1.4.17 and earlier versions have an arbitrary code execution vulnerability that can be exploited by attackers to cause arbitrary code execution...

PT-2015-4526 · Django +1 · Django +1

Name of the Vulnerable Software and Affected Versions: Django versions 1.4.17 and earlier Django versions 1.6.x before 1.6.10 Django versions 1.7.x before 1.7.3 Description: The issue allows remote attackers to spoof WSGI headers by using an underscore character instead of a - dash character in a...