8 matches found
CVE-2026-25521
Locutus brings stdlibs of other programming languages to JavaScript for educational purposes. In versions from 2.0.12 to before 2.0.39, a prototype pollution vulnerability exists in locutus. Despite a previous fix that attempted to mitigate prototype pollution by checking whether user input...
CVE-2026-25521 Locutus is vulnerable to Prototype Pollution
Locutus brings stdlibs of other programming languages to JavaScript for educational purposes. In versions from 2.0.12 to before 2.0.39, a prototype pollution vulnerability exists in locutus. Despite a previous fix that attempted to mitigate prototype pollution by checking whether user input...
WordPress WP Table Builder Plugin <= 2.0.12 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by theviper17 in WordPress Plugin WP Table Builder versions = 2.0.12...
CVE-2024-3607
The PropertyHive plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the deletekeydate function in all versions up to, and including, 2.0.12. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete...
CVE-2025-26907
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Estatik Mortgage Calculator Estatik estatik-mortgage-calculator allows Stored XSS.This issue affects Mortgage Calculator Estatik: from n/a through = 2.0.12...
PT-2024-30306 · Aruba · Aruba Hispeed Cache
Name of the Vulnerable Software and Affected Versions: Aruba HiSpeed Cache versions 2.0.12 and earlier Description: The issue is related to a Missing Authorization vulnerability in Aruba HiSpeed Cache, which allows exploitation of incorrectly configured access control security levels...
PT-2021-3608 · Sdl +5 · Sdl +5
Name of the Vulnerable Software and Affected Versions: SDL Simple DirectMedia Layer versions 2.0.12 and earlier Description: The issue is related to an integer overflow in the SDL BlitCopy function in the video/SDL blit copy.c component of the Simple DirectMedia Layer library. This can lead to SD...
PT-2007-5222 · Swsoft · Swsoft Confixx Pro
Name of the Vulnerable Software and Affected Versions: SWSoft Confixx Pro versions 2.0.12 through 3.3.1 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the thisdir parameter in the admin/business inc/saveserver.php file. Recommendations: For SWSoft Confix...