2020 matches found
[SECURITY] Fedora 41 Update: python-notebook-7.4.0-1.fc41
The Jupyter Notebook is a web application that allows you to create and share documents that contain live code, equations, visualizations, and explanatory text. The Notebook has support for multiple programming languages, sharing, and interactive widgets...
[SECURITY] Fedora 42 Update: python-notebook-7.4.0-1.fc42
The Jupyter Notebook is a web application that allows you to create and share documents that contain live code, equations, visualizations, and explanatory text. The Notebook has support for multiple programming languages, sharing, and interactive widgets...
[SECURITY] Fedora 40 Update: python-notebook-7.4.0-1.fc40
The Jupyter Notebook is a web application that allows you to create and share documents that contain live code, equations, visualizations, and explanatory text. The Notebook has support for multiple programming languages, sharing, and interactive widgets...
Fortinet FortiWeb Incorrect user management in widgets dashboard (FG-IR-24-184)
The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-184 advisory. - An Incorrect User Management vulnerability CWE-286 in FortiWeb version 7.6.2 and below, version 7.4.6 and below, version...
CVE-2025-31869
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Modernaweb Studio Black Widgets For Elementor black-widgets allows Stored XSS.This issue affects Black Widgets For Elementor: from n/a through = 1.3.9...
CVE-2025-31539
Missing Authorization vulnerability in Blocksera Cryptocurrency Widgets Pack cryptocurrency-widgets-pack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cryptocurrency Widgets Pack: from n/a through = 2.0.1...
CVE-2025-31869
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Modernaweb Studio Black Widgets For Elementor black-widgets allows Stored XSS.This issue affects Black Widgets For Elementor: from n/a through = 1.3.9...
CVE-2025-31869 WordPress Black Widgets For Elementor plugin <= 1.3.9 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Modernaweb Studio Black Widgets For Elementor black-widgets allows Stored XSS.This issue affects Black Widgets For Elementor: from n/a through = 1.3.9...
CVE-2025-31869 WordPress Black Widgets For Elementor plugin <= 1.3.9 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Modernaweb Studio Black Widgets For Elementor allows Stored XSS. This issue affects Black Widgets For Elementor: from n/a through 1.3.9...
CVE-2024-12189 WDesignKit – Elementor & Gutenberg Starter Templates, Patterns, Cloud Workspace & Widget Builder <= 1.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
The WDesignKit – Elementor & Gutenberg Starter Templates, Patterns, Cloud Workspace & Widget Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom widgets in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping. This...
PT-2025-14246 · Unknown · Black Widgets For Elementor
Name of the Vulnerable Software and Affected Versions: Black Widgets For Elementor versions 1.3.9 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker...
WordPress plugin Black Widgets For Elementor 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...
WordPress Cryptocurrency Widgets Pack plugin <= 2.0.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Peter Thaleikis in WordPress Plugin Cryptocurrency Widgets Pack versions = 2.0.1...
CVE-2025-31539
Missing Authorization vulnerability in Blocksera Cryptocurrency Widgets Pack cryptocurrency-widgets-pack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cryptocurrency Widgets Pack: from n/a through = 2.0.1...
CVE-2025-31539 WordPress Cryptocurrency Widgets Pack plugin <= 2.0.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Blocksera Cryptocurrency Widgets Pack allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Cryptocurrency Widgets Pack: from n/a through 2.0.1...
CVE-2025-31539 WordPress Cryptocurrency Widgets Pack plugin <= 2.0.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Blocksera Cryptocurrency Widgets Pack cryptocurrency-widgets-pack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cryptocurrency Widgets Pack: from n/a through = 2.0.1...
CVE-2025-31539
CVE-2025-31539 concerns a Missing Authorization vulnerability in Blocksera Cryptocurrency Widgets Pack (WordPress). Affected: Blocksera Widgets Pack versions from n/a up to 2.0.1. Root cause: Incorrectly configured access control security levels leading to Missing Authorization. Impact: CVSS 3.1 ...
WordPress plugin Blocksera Cryptocurrency Widgets Pack 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
Malicious code in widgets-appointmentsmastercatalogtool (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3c565161397aa1043a43e73af3ab4716e2b6aad5ff7c1f4905131fe4575ed148 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-2917 Malicious code in widgets-appointmentsmastercatalogtool (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3c565161397aa1043a43e73af3ab4716e2b6aad5ff7c1f4905131fe4575ed148 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...