4 matches found
PT-2025-32623 · WordPress · B Blocks
Name of the Vulnerable Software and Affected Versions: B Blocks plugin for WordPress versions prior to 2.0.7
Description: The B Blocks plugin for WordPress is susceptible to privilege escalation due to missing authorization and improper input validation within the rgfr registration function. This...
CVE-2024-24718
CVE-2024-24718: PropertyHive WordPress plugin had a Missing Authorization flaw (unauthenticated) allowing activation of pro features via activate_pro_feature() without proper capability checks
PT-2021-20330 · Jdom +3 · Jdom +3
Name of the Vulnerable Software and Affected Versions: JDOM versions 2.0.6 and earlier
Description: An XXE issue in SAXBuilder in JDOM allows attackers to cause a denial of service via a crafted HTTP request.
Recommendations: For JDOM versions 2.0.6 and earlier, as a temporary workaround, conside...
CVE-2010-5027
Cross-site scripting (XSS) vulnerability in winners.php in Science Fair In A Box (SFIAB) 2.0.6 and 2.2.0 allows remote attackers to inject arbitrary web script or HTML via the type parameter. NOTE: some of these details are obtained from third party information...