WordPress KiviCare plugin <= 4.1.2 - Missing Authorization to Unauthenticated Privilege Escalation via Setup Wizard vulnerability

Missing Authorization to Unauthenticated Privilege Escalation via Setup Wizard vulnerability discovered by WordFence in WordPress Plugin KiviCare versions = 4.1.2...

PT-2026-24399

Name of the Vulnerable Software and Affected Versions D-Link DIR-513 version 1.10 Description A stack buffer overflow condition exists in D-Link DIR-513 version 1.10. The issue is triggered by providing input to the curTime parameter within the ''/goform/formSetWizard1'' endpoint. This could allo...

CVE-2025-70243

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWANWizard534...

CVE-2019-2113

In setup wizard there is a bypass of some checks when wifi connection is skipped. This could lead to factory reset protection bypass with no additional privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-122597079...

EUVD-2022-29687

Malicious code in bioql PyPI...

CVE-2025-23468 WordPress Essay Wizard (wpCRES) plugin <= 1.0.6.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wrenchpilot Essay Wizard wpCRES essay-wizard-wpcres allows Reflected XSS.This issue affects Essay Wizard wpCRES: from n/a through = 1.0.6.4...

CVE-2019-13278

TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains multiple command injections when processing user input for the setup wizard, allowing an unauthenticated user to run arbitrary commands on the device. The vulnerability can be exercised on the local intranet or remotely if...

The vulnerability of the Wizard component in the microprogramming software of the RICOH Aficio MP multifunctional device allows a hacker to inject any code into the protected web page.

The vulnerability of the Wizard component file /web/entry/en/address/adrsSetUserWizard.cgi of the RICOH Aficio MP multifunctional device exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary code into...

The vulnerability of the Android operating system, which allows a hacker to trigger a service failure

The vulnerability of the Setup Wizard component in the Android operating system is related to access control deficiencies. Exploiting this vulnerability can allow a malicious actor to cause service failures, as well as lead to the device becoming completely unusable and requiring recompiling...