PT-2026-46358

Unauthenticated Local File Inclusion in Top Dog = 1.0.5 versions...

PT-2026-46371

Unauthenticated Local File Inclusion in Eros = 1.3 versions...

PT-2026-46208

WordPress Hybrid Composer 1.4.6 contains an unauthenticated settings change vulnerability that allows unauthenticated attackers to modify WordPress options by exploiting the hc ajax save option action. Attackers can send POST requests to the admin-ajax.php endpoint with the action parameter set t...

PT-2026-46323

Unauthenticated Local File Inclusion in Imba = 1.5.0 versions...

WordPress plugin ad manager wd 路径遍历漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

PT-2026-46344

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in EMV JobCareer allows Path Traversal. This issue affects JobCareer: from n/a through 7.3...

PT-2026-46338

Unauthenticated Local File Inclusion in Deliciosa = 1.10.0 versions...

PT-2026-46359

Unauthenticated Local File Inclusion in Medeus = 1.14 versions...

PT-2026-46361

Unauthenticated Local File Inclusion in Gamic = 1.15 versions...

PT-2026-46342

Unauthenticated Local File Inclusion in Fortius = 2.3.0 versions...

PT-2026-46360

Unauthenticated Cross Site Scripting XSS in Grand Car Rental = 3.7 versions...

PT-2026-46366

Unauthenticated Local File Inclusion in Grecko = 5.17 versions...

PT-2026-46363

Unauthenticated Local File Inclusion in Printo = 1.11 versions...

PT-2026-46372

Unauthenticated Local File Inclusion in Spike = 1.2 versions...

PT-2026-46330

Unauthenticated Local File Inclusion in Nexio = 1.10.0 versions...

PT-2026-46378

Unauthenticated Local File Inclusion in Line Agency = 1.3.1 versions...

PT-2026-46355

Unauthenticated Local File Inclusion in Dom = 1.24 versions...

PT-2026-46368

Unauthenticated Local File Inclusion in Skyward = 1.10 versions...

PT-2026-46212

Name of the Vulnerable Software and Affected Versions Zoner Real Estate version 4.1.1 Description A persistent cross-site scripting issue exists where authenticated agents can inject malicious JavaScript payloads through the Address input field during property creation. These scripts execute when...

PT-2026-46215

WordPress Plugin Google Review Slider 6.1 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'tid' parameter. Attackers can send GET requests to the admin interface with malicious 'tid'...