[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Apr 28 20:13:41 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2ec73d5f by security tracker role at 2026-04-28T19:13:34+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,149 @@
+CVE-2026-7324 (Memory safety bugs present in Firefox 150.0.0 and Thunderbird 150.0.0. ...)
+ TODO: check
+CVE-2026-7323 (Memory safety bugs present in Firefox ESR 140.10.0, Thunderbird ESR 14 ...)
+ TODO: check
+CVE-2026-7322 (Memory safety bugs present in Firefox ESR 115.35.0, Firefox ESR 140.10 ...)
+ TODO: check
+CVE-2026-7321 (Sandbox escape due to incorrect boundary conditions in the WebRTC: Net ...)
+ TODO: check
+CVE-2026-7320 (Information disclosure due to incorrect boundary conditions in the Aud ...)
+ TODO: check
+CVE-2026-7309 (A flaw was found in the OpenShift Container Platform build system. A u ...)
+ TODO: check
+CVE-2026-7291 (A weakness has been identified in o2oa up to 10.0. This affects the fu ...)
+ TODO: check
+CVE-2026-7290 (A vulnerability was determined in JeecgBoot up to 3.9.1. Impacted is t ...)
+ TODO: check
+CVE-2026-7289 (A vulnerability was found in D-Link DIR-825M 1.1.12. This issue affect ...)
+ TODO: check
+CVE-2026-7288 (A vulnerability has been found in D-Link DIR-825M 1.1.12. This vulnera ...)
+ TODO: check
+CVE-2026-7283 (A security flaw has been discovered in SourceCodester Pharmacy Sales a ...)
+ TODO: check
+CVE-2026-7282 (A vulnerability was identified in SourceCodester Pharmacy Sales and In ...)
+ TODO: check
+CVE-2026-7281 (A vulnerability was determined in SourceCodester Pharmacy Sales and In ...)
+ TODO: check
+CVE-2026-7280 (AVACAST developed by eMPIA Technology has a Unquoted Service Path vuln ...)
+ TODO: check
+CVE-2026-7279 (AVACAST developed by eMPIA Technology, has a DLL Hijacking vulnerabili ...)
+ TODO: check
+CVE-2026-7272 (A flaw has been found in WilliamCloudQi matlab-mcp-server up to ab88f6 ...)
+ TODO: check
+CVE-2026-7271 (A vulnerability was detected in DV0x creative-ad-agent up to 751b9e514 ...)
+ TODO: check
+CVE-2026-7269 (A vulnerability was found in SourceCodester Pharmacy Sales and Invento ...)
+ TODO: check
+CVE-2026-7268 (A vulnerability has been found in SourceCodester Pizzafy Ecommerce Sys ...)
+ TODO: check
+CVE-2026-7267 (A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. ...)
+ TODO: check
+CVE-2026-7266 (A vulnerability was detected in SourceCodester Pizzafy Ecommerce Syste ...)
+ TODO: check
+CVE-2026-7265 (A security vulnerability has been detected in SourceCodester Pizzafy E ...)
+ TODO: check
+CVE-2026-7264 (A weakness has been identified in SourceCodester Pizzafy Ecommerce Sys ...)
+ TODO: check
+CVE-2026-7248 (A vulnerability was found in D-Link DI-8100 16.07.26A1. This affects t ...)
+ TODO: check
+CVE-2026-7247 (A vulnerability has been found in D-Link DI-8100 16.07.26A1. Affected ...)
+ TODO: check
+CVE-2026-7244 (A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b202 ...)
+ TODO: check
+CVE-2026-7243 (A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521 ...)
+ TODO: check
+CVE-2026-7242 (A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521 ...)
+ TODO: check
+CVE-2026-7241 (A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. Thi ...)
+ TODO: check
+CVE-2026-7240 (A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521 ...)
+ TODO: check
+CVE-2026-7238 (A flaw has been found in code-projects Online Music Site 1.0. This aff ...)
+ TODO: check
+CVE-2026-7237 (A vulnerability was detected in AgiFlow scaffold-mcp up to 1.0.27. Aff ...)
+ TODO: check
+CVE-2026-7235 (A security vulnerability has been detected in ErlichLiu claude-agent-s ...)
+ TODO: check
+CVE-2026-6706 (Improper access control in the vault documentation feature in Devolut ...)
+ TODO: check
+CVE-2026-6238 (The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the ...)
+ TODO: check
+CVE-2026-5944 (An improper access control vulnerability exists in the Cisco Intersigh ...)
+ TODO: check
+CVE-2026-5794 (A vulnerability affecting the detailed versions ofCryptobox allows a l ...)
+ TODO: check
+CVE-2026-5781 (An authorization vulnerability in MphRx's Minerva V3.6.0, specifically ...)
+ TODO: check
+CVE-2026-5780 (An insecure direct object reference (IDOR) vulnerability in MphRx's Mi ...)
+ TODO: check
+CVE-2026-5779 (An insecure direct object reference (IDOR) vulnerability in MphRx's Mi ...)
+ TODO: check
+CVE-2026-5435 (The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the ...)
+ TODO: check
+CVE-2026-4911 (The Booking Package plugin for WordPress is vulnerable to Price Manipu ...)
+ TODO: check
+CVE-2026-4805 (The Woostify plugin for WordPress is vulnerable to Stored Cross-Site S ...)
+ TODO: check
+CVE-2026-41873 (** UNSUPPORTED WHEN ASSIGNED ** Inconsistent Interpretation of HTTP Re ...)
+ TODO: check
+CVE-2026-41607 (Out-of-bounds Read vulnerability in Apache Thrift. This issue affects ...)
+ TODO: check
+CVE-2026-41606 (Uncontrolled Recursion vulnerability in Apache Thrift. This issue aff ...)
+ TODO: check
+CVE-2026-41603 (Improper Validation of Certificate with Host Mismatch vulnerability in ...)
+ TODO: check
+CVE-2026-41602 (Integer Overflow or Wraparound vulnerability in Apache Thrift TFramedT ...)
+ TODO: check
+CVE-2026-41526 (In KDE KCoreAddons before 6.25, KShell::quoteArgs is intended to safel ...)
+ TODO: check
+CVE-2026-41525 (KDE Dolphin before 25.12.3 allows applications in a Flatpak (or with A ...)
+ TODO: check
+CVE-2026-40980 (In Spring AI, a malicious PDF file can be crafted that triggers the al ...)
+ TODO: check
+CVE-2026-40979 (In Spring AI, having access to a shared environment can expose the ONN ...)
+ TODO: check
+CVE-2026-40978 (SQL injection vulnerability in Spring AI's `CosmosDBVectorStore` allow ...)
+ TODO: check
+CVE-2026-40969 (The raw message of every server-side AuthenticationException is return ...)
+ TODO: check
+CVE-2026-40968 (When an authenticated user is denied access to a gRPC method, their au ...)
+ TODO: check
+CVE-2026-40966 (In Spring AI, an attacker can bypass conversation isolation and exfilt ...)
+ TODO: check
+CVE-2026-40556 (GNU nano creates the user\u2019s ~/.local directory with overly permis ...)
+ TODO: check
+CVE-2026-40552 (mpGabinet is vulnerable to Remote Command Execution. An authorized use ...)
+ TODO: check
+CVE-2026-40551 (mpGabinet performs client-side authentication. An attacker with access ...)
+ TODO: check
+CVE-2026-40550 (mpGabinet is vulnerable to Privilege Escalation due to excessive datab ...)
+ TODO: check
+CVE-2026-3323 (An unsecured configuration interface on affected devices allows unauth ...)
+ TODO: check
+CVE-2026-38949 (Cross-Site Scripting (XSS) vulnerability exists in HTMLy version 3.1.1 ...)
+ TODO: check
+CVE-2026-38948 (Cross-Site Scripting (XSS) vulnerability exists in FUEL CMS v1.5.2 and ...)
+ TODO: check
+CVE-2026-38651 (Authentication Bypass vulnerability exists in Netmaker versions prior ...)
+ TODO: check
+CVE-2026-27760 (OpenCATS prior to commit 3002a29 contains a PHP code injection vulnera ...)
+ TODO: check
+CVE-2025-67223 (The Aranda File Server (AFS) component in Aranda Software Aranda Servi ...)
+ TODO: check
+CVE-2025-60889 (Insecure deserialization of untrusted input in StellarGroup HPX 1.11.0 ...)
+ TODO: check
+CVE-2025-60887 (An issue was discovered in Cista v0.15 and below. Insecure deserializa ...)
+ TODO: check
+CVE-2025-48431 (Mismatched Memory Management Routines vulnerability in Apache Thrift c ...)
+ TODO: check
+CVE-2025-10539 (Due to improper TLS certificate validation in the DeskTime Time Tracki ...)
+ TODO: check
+CVE-2024-54013 (Penetration Testing engineers at Amazon have identified a security fla ...)
+ TODO: check
+CVE-2024-54012 (Penetration Testing engineers at Amazon discovered a vulnerability whe ...)
+ TODO: check
+CVE-2024-54011 (Penetration Testing engineers at Amazon have discovered a flaw where t ...)
+ TODO: check
CVE-2026-23556
- xen <unfixed>
[trixie] - xen <no-dsa> (Minor issue)
@@ -20,15 +166,15 @@ CVE-2026-23558
CVE-2026-31787
- linux <unfixed>
NOTE: https://xenbits.xen.org/xsa/advisory-487.html
-CVE-2026-41636
+CVE-2026-41636 (Uncontrolled Recursion vulnerability in Apache Thrift Node.js bindings ...)
- thrift <unfixed> (unimportant)
NOTE: https://www.openwall.com/lists/oss-security/2026/04/28/1
NOTE: nodejs bindings not built in Debian package
-CVE-2026-41605
+CVE-2026-41605 (Integer Overflow or Wraparound vulnerability in Apache Thrift. This i ...)
- thrift <unfixed> (unimportant)
NOTE: https://www.openwall.com/lists/oss-security/2026/04/28/4
NOTE: swift bindings not built in Debian package
-CVE-2026-41604
+CVE-2026-41604 (Out-of-bounds Read vulnerability in Apache Thrift. This issue affects ...)
- thrift <unfixed> (unimportant)
NOTE: https://www.openwall.com/lists/oss-security/2026/04/28/5
NOTE: swift bindings not built in Debian package
@@ -2730,31 +2876,37 @@ CVE-2026-34414 (Xerte Online Toolkits versions 3.15 and earlier contain a relati
CVE-2026-34413 (Xerte Online Toolkits versions 3.15 and earlier contain a missing auth ...)
NOT-FOR-US: Xerte Online Toolkits
CVE-2026-33611 (An operator allowed to use the REST API can cause the Authoritative se ...)
+ {DSA-6233-1}
- pdns <unfixed>
[bookworm] - pdns <end-of-life> (See #1119290)
[bullseye] - pdns <end-of-life> (see DLA 4471)
NOTE: https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2026-05.html#insufficient-validation-of-https-and-svcb-records
CVE-2026-33610 (A rogue primary server may cause file descriptor exhaustion and eventu ...)
+ {DSA-6233-1}
- pdns <unfixed>
[bookworm] - pdns <end-of-life> (See #1119290)
[bullseye] - pdns <end-of-life> (see DLA 4471)
NOTE: https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2026-05.html#possible-file-descriptor-exhaustion-in-forward-dnsupdate
CVE-2026-33609 (Incomplete escaping of LDAP queries when running with 8bit-dns enabled ...)
+ {DSA-6233-1}
- pdns <unfixed>
[bookworm] - pdns <end-of-life> (See #1119290)
[bullseye] - pdns <end-of-life> (see DLA 4471)
NOTE: https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2026-05.html#ldap-dn-injection
CVE-2026-33608 (An attacker can send a notify request that causes a new secondary doma ...)
+ {DSA-6233-1}
- pdns <unfixed>
[bookworm] - pdns <end-of-life> (See #1119290)
[bullseye] - pdns <end-of-life> (see DLA 4471)
NOTE: https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2026-05.html#incomplete-domain-name-sanitization-during-bind-autosecondary-zone-transfer
CVE-2026-33601 (If you use the zoneToCache function with a malicious authoritative ser ...)
+ {DSA-6234-1}
- pdns-recursor 5.4.1-1
[bookworm] - pdns-recursor <end-of-life> (see DSA 6045)
[bullseye] - pdns-recursor <end-of-life> (see DSA 6045)
NOTE: https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2026-03.html#cve-2026-33600-null-pointer-dereference-in-rpz-transfer
CVE-2026-33600 (An RPZ sent by a malicious authoritative server can result in a null p ...)
+ {DSA-6234-1}
- pdns-recursor 5.4.1-1
[bookworm] - pdns-recursor <end-of-life> (see DSA 6045)
[bullseye] - pdns-recursor <end-of-life> (see DSA 6045)
@@ -2765,16 +2917,19 @@ CVE-2026-33262 (An attacker can send replies that result in a null pointer deref
[bullseye] - pdns-recursor <end-of-life> (see DSA 6045)
NOTE: https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2026-03.html#cve-2026-33262-insufficient-validation-of-cookie-reply
CVE-2026-33261 (A zone transition from NSEC to NSEC3 might trigger an internal inconsi ...)
+ {DSA-6234-1}
- pdns-recursor 5.4.1-1
[bookworm] - pdns-recursor <end-of-life> (see DSA 6045)
[bullseye] - pdns-recursor <end-of-life> (see DSA 6045)
NOTE: https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2026-03.html#cve-2026-33261-null-pointer-access-in-aggressive-nsec-3-cache
CVE-2026-33259 (Having many concurrent transfers of the same RPZ can lead to inconsist ...)
+ {DSA-6234-1}
- pdns-recursor 5.4.1-1
[bookworm] - pdns-recursor <end-of-life> (see DSA 6045)
[bullseye] - pdns-recursor <end-of-life> (see DSA 6045)
NOTE: https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2026-03.html#cve-2026-33259-concurrent-modification-of-rpz-data-can-lead-to-denial-of-service
CVE-2026-33258 (By publishing and querying a crafted zone an attacker can cause alloca ...)
+ {DSA-6234-1}
- pdns-recursor 5.4.1-1
[bookworm] - pdns-recursor <end-of-life> (see DSA 6045)
[bullseye] - pdns-recursor <end-of-life> (see DSA 6045)
@@ -3303,11 +3458,13 @@ CVE-2005-20001
CVE-2000-5001
REJECTED
CVE-2026-33254 (An attacker can create a large number of concurrent DoQ or DoH3 connec ...)
+ {DSA-6235-1}
- dnsdist 2.0.4-1
[bookworm] - dnsdist <end-of-life> (See #1119290)
[bullseye] - dnsdist <end-of-life> (see #1119290)
NOTE: https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-04.html#cve-2026-33254-resource-exhaustion-via-doq-doh3-connections
CVE-2026-33257 (An attacker can send a web request that causes unlimited memory alloca ...)
+ {DSA-6235-1 DSA-6234-1 DSA-6233-1}
- dnsdist 2.0.4-1
[bookworm] - dnsdist <end-of-life> (See #1119290)
[bullseye] - dnsdist <end-of-life> (see #1119290)
@@ -3323,6 +3480,7 @@ CVE-2026-33257 (An attacker can send a web request that causes unlimited memory
NOTE: Mark the first version in unstable after 5.2.9 as the fixed version.
NOTE: https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2026-05.html#insufficient-input-validation-of-internal-webserver
CVE-2026-33260 (An attacker can send a web request that causes unlimited memory alloca ...)
+ {DSA-6235-1 DSA-6234-1 DSA-6233-1}
- dnsdist 2.0.4-1
[bookworm] - dnsdist <end-of-life> (See #1119290)
[bullseye] - dnsdist <end-of-life> (see #1119290)
@@ -3338,41 +3496,49 @@ CVE-2026-33260 (An attacker can send a web request that causes unlimited memory
NOTE: Mark the first version in unstable after 5.2.9 as the fixed version.
NOTE: https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2026-05.html
CVE-2026-33593 (A client can trigger a divide by zero error leading to crash by sendin ...)
+ {DSA-6235-1}
- dnsdist 2.0.4-1
[bookworm] - dnsdist <end-of-life> (See #1119290)
[bullseye] - dnsdist <end-of-life> (see #1119290)
NOTE: https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-04.html#cve-2026-33593-denial-of-service-via-crafted-dnscrypt-query
CVE-2026-33594 (A client can trigger excessive memory allocation by generating a lot o ...)
+ {DSA-6235-1}
- dnsdist 2.0.4-1
[bookworm] - dnsdist <end-of-life> (See #1119290)
[bullseye] - dnsdist <end-of-life> (see #1119290)
NOTE: https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-04.html#cve-2026-33594-outgoing-doh-excessive-memory-allocation
CVE-2026-33595 (A client can trigger excessive memory allocation by generating a lot o ...)
+ {DSA-6235-1}
- dnsdist 2.0.4-1
[bookworm] - dnsdist <end-of-life> (See #1119290)
[bullseye] - dnsdist <end-of-life> (see #1119290)
NOTE: https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-04.html#cve-2026-33595-doq-doh3-excessive-memory-allocation
CVE-2026-33596 (A client might theoretically be able to cause a mismatch between queri ...)
+ {DSA-6235-1}
- dnsdist 2.0.4-1
[bookworm] - dnsdist <end-of-life> (See #1119290)
[bullseye] - dnsdist <end-of-life> (see #1119290)
NOTE: https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-04.html#cve-2026-33596-tcp-backend-stream-id-overflow
CVE-2026-33597 (PRSD detection denial of service)
+ {DSA-6235-1}
- dnsdist 2.0.4-1
[bookworm] - dnsdist <end-of-life> (See #1119290)
[bullseye] - dnsdist <end-of-life> (see #1119290)
NOTE: https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-04.html#cve-2026-33597-prsd-detection-denial-of-service
CVE-2026-33598 (A cached crafted response can cause an out-of-bounds read if custom Lu ...)
+ {DSA-6235-1}
- dnsdist 2.0.4-1
[bookworm] - dnsdist <end-of-life> (See #1119290)
[bullseye] - dnsdist <end-of-life> (see #1119290)
NOTE: https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-04.html#cve-2026-33598-out-of-bounds-read-in-cache-inspection-via-lua
CVE-2026-33599 (A rogue backend can send a crafted SVCB response to a Discovery of Des ...)
+ {DSA-6235-1}
- dnsdist 2.0.4-1
[bookworm] - dnsdist <end-of-life> (See #1119290)
[bullseye] - dnsdist <end-of-life> (see #1119290)
NOTE: https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-04.html#cve-2026-33599-out-of-bounds-read-in-service-discovery
CVE-2026-33602 (A rogue backend can send a crafted UDP response with a query ID off by ...)
+ {DSA-6235-1}
- dnsdist 2.0.4-1
[bookworm] - dnsdist <end-of-life> (See #1119290)
[bullseye] - dnsdist <end-of-life> (see #1119290)
@@ -15049,42 +15215,49 @@ CVE-2024-14030 (Sereal::Decoder versions from 4.000 through 4.009_002 for Perl e
CVE-2025-15618 (Business::OnlinePayment::StoredTransaction versions through 0.01 for P ...)
NOT-FOR-US: Business::OnlinePayment::StoredTransaction Perl module
CVE-2026-0396 (An attacker might be able to inject HTML content into the internal web ...)
+ {DSA-6235-1}
- dnsdist 2.0.3-1
[bookworm] - dnsdist <end-of-life> (See #1119290)
[bullseye] - dnsdist <end-of-life> (see #1119290)
NOTE: https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-02.html
NOTE: https://downloads.powerdns.com/patches/2026-02/
CVE-2026-0397 (When the internal webserver is enabled (default is disabled), an attac ...)
+ {DSA-6235-1}
- dnsdist 2.0.3-1
[bookworm] - dnsdist <end-of-life> (See #1119290)
[bullseye] - dnsdist <end-of-life> (see #1119290)
NOTE: https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-02.html
NOTE: https://downloads.powerdns.com/patches/2026-02/
CVE-2026-24028 (An attacker might be able to trigger an out-of-bounds read by sending ...)
+ {DSA-6235-1}
- dnsdist 2.0.3-1
[bookworm] - dnsdist <end-of-life> (See #1119290)
[bullseye] - dnsdist <end-of-life> (see #1119290)
NOTE: https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-02.html
NOTE: https://downloads.powerdns.com/patches/2026-02/
CVE-2026-24029 (When the early_acl_drop (earlyACLDrop in Lua) option is disabled (defa ...)
+ {DSA-6235-1}
- dnsdist 2.0.3-1
[bookworm] - dnsdist <end-of-life> (See #1119290)
[bullseye] - dnsdist <end-of-life> (see #1119290)
NOTE: https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-02.html
NOTE: https://downloads.powerdns.com/patches/2026-02/
CVE-2026-24030 (An attacker might be able to trick DNSdist into allocating too much me ...)
+ {DSA-6235-1}
- dnsdist 2.0.3-1
[bookworm] - dnsdist <end-of-life> (See #1119290)
[bullseye] - dnsdist <end-of-life> (see #1119290)
NOTE: https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-02.html
NOTE: https://downloads.powerdns.com/patches/2026-02/
CVE-2026-27853 (An attacker might be able to trigger an out-of-bounds write by sending ...)
+ {DSA-6235-1}
- dnsdist 2.0.3-1
[bookworm] - dnsdist <end-of-life> (See #1119290)
[bullseye] - dnsdist <end-of-life> (see #1119290)
NOTE: https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-02.html
NOTE: https://downloads.powerdns.com/patches/2026-02/
CVE-2026-27854 (An attacker might be able to trigger a use-after-free by sending craft ...)
+ {DSA-6235-1}
- dnsdist 2.0.3-1
[bookworm] - dnsdist <end-of-life> (See #1119290)
[bullseye] - dnsdist <end-of-life> (see #1119290)
@@ -17580,7 +17753,7 @@ CVE-2026-27076 (Improper Control of Filename for Include/Require Statement in PH
NOT-FOR-US: WordPress plugin or theme
CVE-2026-27075 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2026-27073 (Use of Hard-coded Credentials vulnerability in Addi Addi – Cuota ...)
+CVE-2026-27073 (Use of Hard-coded Credentials vulnerability in Addi Addi \u2013 Cuotas ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2026-27071 (Missing Authorization vulnerability in Arraytics WPCafe wp-cafe allows ...)
NOT-FOR-US: WordPress plugin or theme
@@ -18657,6 +18830,7 @@ CVE-2026-28875 (A buffer overflow was addressed with improved bounds checking. T
CVE-2026-28874 (The issue was addressed with improved checks. This issue is fixed in i ...)
NOT-FOR-US: Apple
CVE-2026-28871 (A logic issue was addressed with improved checks. This issue is fixed ...)
+ {DSA-6232-1}
- webkit2gtk 2.52.1-1
[bookworm] - webkit2gtk <end-of-life> (see DSA-6232-1)
- wpewebkit 2.52.1-1
@@ -18681,6 +18855,7 @@ CVE-2026-28863 (A permissions issue was addressed with additional restrictions.
CVE-2026-28862 (A privacy issue was addressed with improved private data redaction for ...)
NOT-FOR-US: Apple
CVE-2026-28861 (A logic issue was addressed with improved state management. This issue ...)
+ {DSA-6232-1}
- webkit2gtk 2.52.1-1
[bookworm] - webkit2gtk <end-of-life> (see DSA-6232-1)
- wpewebkit 2.52.1-1
@@ -18689,6 +18864,7 @@ CVE-2026-28861 (A logic issue was addressed with improved state management. This
[bullseye] - wpewebkit <end-of-life> (see #1035997)
NOTE: https://webkitgtk.org/security/WSA-2026-0002.html
CVE-2026-28859 (The issue was addressed with improved memory handling. This issue is f ...)
+ {DSA-6232-1}
- webkit2gtk 2.52.1-1
[bookworm] - webkit2gtk <end-of-life> (see DSA-6232-1)
- wpewebkit 2.52.1-1
@@ -18699,6 +18875,7 @@ CVE-2026-28859 (The issue was addressed with improved memory handling. This issu
CVE-2026-28858 (A buffer overflow was addressed with improved bounds checking. This is ...)
NOT-FOR-US: Apple
CVE-2026-28857 (The issue was addressed with improved memory handling. This issue is f ...)
+ {DSA-6232-1}
- webkit2gtk 2.52.1-1
[bookworm] - webkit2gtk <end-of-life> (see DSA-6232-1)
- wpewebkit 2.52.1-1
@@ -18797,6 +18974,7 @@ CVE-2026-20693 (This issue was addressed through improved state management. This
CVE-2026-20692 (A privacy issue was addressed with improved handling of user preferenc ...)
NOT-FOR-US: Apple
CVE-2026-20691 (An authorization issue was addressed with improved state management. T ...)
+ {DSA-6232-1}
- webkit2gtk 2.52.1-1
[bookworm] - webkit2gtk <end-of-life> (see DSA-6232-1)
- wpewebkit 2.52.1-1
@@ -18819,6 +18997,7 @@ CVE-2026-20670 (An authorization issue was addressed with improved state managem
CVE-2026-20668 (A logging issue was addressed with improved data redaction. This issue ...)
NOT-FOR-US: Apple
CVE-2026-20665 (This issue was addressed through improved state management. This issue ...)
+ {DSA-6232-1}
- webkit2gtk 2.52.1-1
[bookworm] - webkit2gtk <end-of-life> (see DSA-6232-1)
- wpewebkit 2.52.1-1
@@ -18827,6 +19006,7 @@ CVE-2026-20665 (This issue was addressed through improved state management. This
[bullseye] - wpewebkit <end-of-life> (see #1035997)
NOTE: https://webkitgtk.org/security/WSA-2026-0002.html
CVE-2026-20664 (The issue was addressed with improved memory handling. This issue is f ...)
+ {DSA-6232-1}
- webkit2gtk 2.52.1-1
[bookworm] - webkit2gtk <end-of-life> (see DSA-6232-1)
- wpewebkit 2.52.1-1
@@ -22101,9 +22281,9 @@ CVE-2025-67112 (Use of a hard-coded AES-256-CBC key in the configuration backup/
NOT-FOR-US: Small Cell Sercomm SCE4255W (FreedomFi Englewood) firmware
CVE-2025-62043 (Improper neutralization of input during web page generation ('cross-si ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-60237 (Deserialization of Untrusted Data vulnerability in Themeton Finag fina ...)
+CVE-2025-60237 (Deserialization of Untrusted Data vulnerability in Themeton Finag allo ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-60233 (Deserialization of Untrusted Data vulnerability in Themeton Zuut zuut ...)
+CVE-2025-60233 (Deserialization of Untrusted Data vulnerability in Themeton Zuut allow ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-53222 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
@@ -22229,7 +22409,7 @@ CVE-2026-28449 (OpenClaw versions prior to 2026.2.25 lack durable replay state f
NOT-FOR-US: OpenClaw
CVE-2026-28073 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2026-28070 (Missing Authorization vulnerability in Tips and Tricks HQ WP eMember w ...)
+CVE-2026-28070 (Missing Authorization vulnerability in Tips and Tricks HQ WP eMember a ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2026-28044 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
@@ -22907,6 +23087,7 @@ CVE-2026-22168 (OpenClaw versions prior to 2026.2.21 contain an approval-integri
CVE-2026-21994 (Vulnerability in the Oracle Edge Cloud Infrastructure Designer and Vis ...)
NOT-FOR-US: Oracle
CVE-2026-20643 (A cross-origin issue in the Navigation API was addressed with improved ...)
+ {DSA-6232-1}
- webkit2gtk 2.52.1-1
[bookworm] - webkit2gtk <end-of-life> (see DSA-6232-1)
- wpewebkit 2.52.1-1
@@ -27535,7 +27716,7 @@ CVE-2026-28514 (Rocket.Chat is an open-source, secure, fully customizable commun
NOT-FOR-US: Rocket.Chat
CVE-2026-28106 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in K ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2026-28080 (Missing Authorization vulnerability in Rank Math Rank Math SEO PRO seo ...)
+CVE-2026-28080 (Missing Authorization vulnerability in Rank Math Rank Math SEO PRO all ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2026-27777 (Charging station authentication identifiers are publicly accessible vi ...)
NOT-FOR-US: Mobiliti e-mobi.hu
@@ -33877,7 +34058,7 @@ CVE-2025-68025 (Missing Authorization vulnerability in Addonify Addonify Floatin
NOT-FOR-US: WordPress plugin or theme
CVE-2025-68024 (Missing Authorization vulnerability in Addonify Addonify \u2013 WooCom ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-68023 (Missing Authorization vulnerability in Addonify Addonify – Compa ...)
+CVE-2025-68023 (Missing Authorization vulnerability in Addonify Addonify \u2013 Compar ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-68022 (Missing Authorization vulnerability in soporteblue Plugin BlueX for Wo ...)
NOT-FOR-US: WordPress plugin or theme
@@ -33939,7 +34120,7 @@ CVE-2025-67970 (Missing Authorization vulnerability in vertim Schedula schedula-
NOT-FOR-US: WordPress plugin or theme
CVE-2025-67969 (Missing Authorization vulnerability in knitpay UPI QR Code Payment Gat ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-67624 (Missing Authorization vulnerability in Arya Dhiratara Optimize More! & ...)
+CVE-2025-67624 (Missing Authorization vulnerability in Arya Dhiratara Optimize More! \ ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-67547 (Missing Authorization vulnerability in uixthemes Konte konte allows Ex ...)
NOT-FOR-US: WordPress plugin or theme
@@ -44705,7 +44886,7 @@ CVE-2026-24564 (Improper Neutralization of Script-Related HTML Tags in a Web Pag
NOT-FOR-US: WordPress plugin or theme
CVE-2026-24563 (Missing Authorization vulnerability in Ashan Perera LifePress lifepres ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2026-24562 (Missing Authorization vulnerability in Ryviu Ryviu – Product Rev ...)
+CVE-2026-24562 (Missing Authorization vulnerability in Ryviu Ryviu \u2013 Product Revi ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2026-24561 (Missing Authorization vulnerability in Mahmudul Hasan Arif FluentBoard ...)
NOT-FOR-US: WordPress plugin or theme
@@ -50860,6 +51041,7 @@ CVE-2025-59057 (React Router is a router for React. In @remix-run/react versions
CVE-2025-51626 (SQL injection vulnerability in pss.sale.com 1.0 via the id parameter t ...)
NOT-FOR-US: pss.sale.com
CVE-2025-46299 (A memory initialization issue was addressed with improved memory handl ...)
+ {DSA-6232-1}
- webkit2gtk 2.52.0-1
[bookworm] - webkit2gtk <end-of-life> (see DSA-6232-1)
- wpewebkit 2.52.0-1
@@ -51188,7 +51370,7 @@ CVE-2026-22488 (Missing Authorization vulnerability in IdeaBox Creations Dashboa
NOT-FOR-US: WordPress plugin or theme
CVE-2026-22487 (Missing Authorization vulnerability in baqend Speed Kit baqend allows ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2026-22486 (Missing Authorization vulnerability in Hakob Re Gallery regallery allo ...)
+CVE-2026-22486 (Missing Authorization vulnerability in Re Gallery allows Exploiting In ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2026-22257 (Salvo is a Rust web backend framework. Prior to version 0.88.1, the fu ...)
NOT-FOR-US: Salvo
@@ -52070,7 +52252,7 @@ CVE-2025-30996 (Unrestricted Upload of File with Dangerous Type vulnerability in
NOT-FOR-US: WordPress plugin or theme
CVE-2025-30631 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-29004 (Incorrect Privilege Assignment vulnerability in AA-Team Responsive Com ...)
+CVE-2025-29004 (Incorrect Privilege Assignment vulnerability in AA-Team Premium Age Ve ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-15474 (AuntyFey Smart Combination Lock firmware versions as of 2025-12-24 con ...)
NOT-FOR-US: AuntyFey Smart Combination Lock
@@ -52234,7 +52416,7 @@ CVE-2025-69355 (Missing Authorization vulnerability in Tickera Tickera tickera-e
NOT-FOR-US: WordPress plugin or theme
CVE-2025-69354 (Missing Authorization vulnerability in BBR Plugins Better Business Rev ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-69353 (Missing Authorization vulnerability in Proxy & VPN Blocker Proxy & ...)
+CVE-2025-69353 (Missing Authorization vulnerability in Proxy & VPN Blocker Proxy & VPN ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-69352 (Missing Authorization vulnerability in StellarWP The Events Calendar t ...)
NOT-FOR-US: WordPress plugin or theme
@@ -52290,7 +52472,7 @@ CVE-2025-47553 (Deserialization of Untrusted Data vulnerability in Digital zoom
NOT-FOR-US: WordPress plugin or theme
CVE-2025-46696 (Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application, versi ...)
NOT-FOR-US: Dell / EMC
-CVE-2025-39477 (Missing Authorization vulnerability in Sfwebservice InWave Jobs iwjob ...)
+CVE-2025-39477 (Missing Authorization vulnerability in Sfwebservice InWave Jobs allows ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-36589 (Dell Unisphere for PowerMax, version(s) 9.2.4.x, contain(s) an Imprope ...)
NOT-FOR-US: Dell / EMC
@@ -54508,7 +54690,7 @@ CVE-2025-47566 (Improper Neutralization of Input During Web Page Generation ('Cr
NOT-FOR-US: WordPress plugin or theme
CVE-2025-34469 (Cowrie versions prior to 2.9.0 contain a server-side request forgery ( ...)
NOT-FOR-US: Cowrie
-CVE-2025-31054 (Cross-Site Request Forgery (CSRF) vulnerability in Themefy Bloggie blo ...)
+CVE-2025-31054 (Cross-Site Request Forgery (CSRF) vulnerability in Themefy Bloggie all ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-30628 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin or theme
@@ -54794,7 +54976,7 @@ CVE-2025-62081 (Missing Authorization vulnerability in Channelize.io Team Live S
NOT-FOR-US: WordPress plugin or theme
CVE-2025-62080 (Cross-Site Request Forgery (CSRF) vulnerability in Channelize.io Team ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-62079 (Missing Authorization vulnerability in Damian WP Export Categories &am ...)
+CVE-2025-62079 (Missing Authorization vulnerability in Damian WP Export Categories & T ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-62078 (Missing Authorization vulnerability in Fahad Mahmood Easy Upload Files ...)
NOT-FOR-US: WordPress plugin or theme
@@ -55162,7 +55344,7 @@ CVE-2025-69024 (Missing Authorization vulnerability in bizswoop BizPrint print-g
NOT-FOR-US: WordPress plugin or theme
CVE-2025-69023 (Missing Authorization vulnerability in Marketing Fire Discussion Board ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-69022 (Missing Authorization vulnerability in Weblizar - WordPress Themes &am ...)
+CVE-2025-69022 (Missing Authorization vulnerability in Weblizar - WordPress Themes & P ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-69021 (Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Popup box a ...)
NOT-FOR-US: WordPress plugin or theme
@@ -60601,7 +60783,7 @@ CVE-2025-66117 (Missing Authorization vulnerability in Ays Pro Easy Form easy-fo
NOT-FOR-US: WordPress plugin or theme
CVE-2025-66116 (Insertion of Sensitive Information Into Sent Data vulnerability in Use ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-66104 (Missing Authorization vulnerability in Anton Vanyukov Offload, AI & ...)
+CVE-2025-66104 (Missing Authorization vulnerability in Anton Vanyukov Offload, AI & Op ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-66102 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
@@ -65809,7 +65991,7 @@ CVE-2025-62090 (Missing Authorization vulnerability in Jegstudio Gutenverse News
NOT-FOR-US: WordPress plugin or theme
CVE-2025-62086 (Missing Authorization vulnerability in akazanstev \u042f\u043d\u0434\u ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-62085 (Missing Authorization vulnerability in Bertha AI – Andrew Palmer ...)
+CVE-2025-62085 (Missing Authorization vulnerability in Bertha AI \u2013 Andrew Palmer ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-62082 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
@@ -79659,7 +79841,7 @@ CVE-2025-62918 (Missing Authorization vulnerability in ignitionwp IgnitionDeck i
NOT-FOR-US: WordPress plugin or theme
CVE-2025-62917 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-62916 (Missing Authorization vulnerability in Travon WP Flights & Hotels ...)
+CVE-2025-62916 (Missing Authorization vulnerability in Travon WP Flights & Hotels Book ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-62915 (Missing Authorization vulnerability in clicksend SMS Contact Form 7 No ...)
NOT-FOR-US: WordPress plugin or theme
@@ -79725,7 +79907,7 @@ CVE-2025-62882 (Missing Authorization vulnerability in Craig Hewitt Seriously Si
NOT-FOR-US: WordPress plugin or theme
CVE-2025-62881 (Missing Authorization vulnerability in WP Lab WP-Lister Lite for eBay ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-58918 (Cross-Site Request Forgery (CSRF) vulnerability in Waituk Entrada entr ...)
+CVE-2025-58918 (Cross-Site Request Forgery (CSRF) vulnerability in Waituk Entrada them ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-48088 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
@@ -92402,7 +92584,7 @@ CVE-2025-53455 (Improper Neutralization of Input During Web Page Generation ('Cr
NOT-FOR-US: WordPress plugin or theme
CVE-2025-53454 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-53452 (Missing Authorization vulnerability in Barry Event Rocket event-rocket ...)
+CVE-2025-53452 (Missing Authorization vulnerability in Barry Event Rocket allows Explo ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-53451 (Cross-Site Request Forgery (CSRF) vulnerability in mihdan Mihdan: No E ...)
NOT-FOR-US: WordPress plugin or theme
@@ -101974,9 +102156,9 @@ CVE-2025-51967 (A Reflected Cross-site Scripting (XSS) vulnerability exists in t
NOT-FOR-US: ProjectsAndPrograms School Management System
CVE-2025-51643 (Meitrack T366G-L GPS Tracker devices contain an SPI flash chip (Winbon ...)
NOT-FOR-US: Meitrack
-CVE-2025-49407 (Incorrect Privilege Assignment vulnerability in favethemes Premium SEO ...)
+CVE-2025-49407 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-49405 (Path Traversal: '.../...//' vulnerability in Favethemes Pro Bulk Water ...)
+CVE-2025-49405 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-49404 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin or theme
@@ -102220,7 +102402,7 @@ CVE-2025-58203 (Server-Side Request Forgery (SSRF) vulnerability in solacewp Sol
NOT-FOR-US: WordPress plugin or theme
CVE-2025-58202 (Cross-Site Request Forgery (CSRF) vulnerability in Plugins and Snippet ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-58201 (Missing Authorization vulnerability in AfterShip & Automizely Afte ...)
+CVE-2025-58201 (Missing Authorization vulnerability in AfterShip & Automizely AfterShi ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-58198 (Missing Authorization vulnerability in Xpro Xpro Theme Builder xpro-th ...)
NOT-FOR-US: WordPress plugin or theme
@@ -104568,7 +104750,7 @@ CVE-2025-53195 (Improper Neutralization of Input During Web Page Generation ('Cr
NOT-FOR-US: WordPress plugin or theme
CVE-2025-53194 (Deserialization of Untrusted Data vulnerability in Crocoblock JetEngin ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-49896 (Authorization Bypass Through User-Controlled Key vulnerability in wpta ...)
+CVE-2025-49896 (Cross-Site Request Forgery (CSRF) vulnerability in wptasker WP Discord ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-49894 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
NOT-FOR-US: WordPress plugin or theme
@@ -104582,13 +104764,13 @@ CVE-2025-49890 (Deserialization of Untrusted Data vulnerability in ThemeREX Orga
NOT-FOR-US: WordPress plugin or theme
CVE-2025-49889 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-49438 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+CVE-2025-49438 (Deserialization of Untrusted Data vulnerability in Max Chirkov Simple ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-49436 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-49434 (Deserialization of Untrusted Data vulnerability in axiomthemes Cars4Re ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-49428 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+CVE-2025-49428 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-49426 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
NOT-FOR-US: WordPress plugin or theme
@@ -104604,15 +104786,15 @@ CVE-2025-49412 (Improper Neutralization of Input During Web Page Generation ('Cr
NOT-FOR-US: WordPress plugin or theme
CVE-2025-49411 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-49410 (Unrestricted Upload of File with Dangerous Type vulnerability in Imran ...)
+CVE-2025-49410 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-49409 (Deserialization of Untrusted Data vulnerability in brewlabs Portfolio ...)
+CVE-2025-49409 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-49408 (Unrestricted Upload of File with Dangerous Type vulnerability in WPDev ...)
+CVE-2025-49408 (Insertion of Sensitive Information Into Sent Data vulnerability in WPD ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-49406 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+CVE-2025-49406 (Missing Authorization vulnerability in favethemes Houzez allows Access ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-49400 (Deserialization of Untrusted Data vulnerability in osama.esh PressApps ...)
+CVE-2025-49400 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-49399 (Cross-Site Request Forgery (CSRF) vulnerability in Basix NEX-Forms nex ...)
NOT-FOR-US: WordPress plugin or theme
@@ -105840,7 +106022,7 @@ CVE-2025-52619 (HCL BigFix SaaS Authentication Service is affected by a sensitiv
NOT-FOR-US: HCL
CVE-2025-52618 (HCL BigFix SaaS Authentication Service is affected by a SQL injection ...)
NOT-FOR-US: HCL
-CVE-2025-49895 (Missing Authorization vulnerability in iThemes School Management schoo ...)
+CVE-2025-49895 (Cross-Site Request Forgery (CSRF) vulnerability in iThemes ServerBuddy ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-44201
REJECTED
@@ -105957,9 +106139,9 @@ CVE-2025-54473 (An authenticated RCE vulnerability in Phoca Commander component
NOT-FOR-US: Joomla
CVE-2025-54466 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
NOT-FOR-US: Apache OFBiz scrum plugin
-CVE-2025-49898 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+CVE-2025-49898 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-49897 (Incorrect Privilege Assignment vulnerability in gopiplus School Manage ...)
+CVE-2025-49897 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-49432 (Missing Authorization vulnerability in FWDesign Ultimate Video Player ...)
NOT-FOR-US: WordPress plugin or theme
@@ -106389,7 +106571,7 @@ CVE-2025-52730 (Improper Neutralization of Input During Web Page Generation ('Cr
NOT-FOR-US: WordPress plugin or theme
CVE-2025-52728 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-52721 (Missing Authorization vulnerability in LCweb Global Gallery global-gal ...)
+CVE-2025-52721 (Missing Authorization vulnerability in LCweb Global Gallery allows Exp ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-52720 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin or theme
@@ -114443,7 +114625,7 @@ CVE-2025-52819 (Improper Neutralization of Special Elements used in an SQL Comma
NOT-FOR-US: WordPress plugin or theme
CVE-2025-52804 (Missing Authorization vulnerability in uxper Nuss nuss allows Accessin ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-52803 (Missing Authorization vulnerability in uxper Sala sala allows Accessin ...)
+CVE-2025-52803 (Missing Authorization vulnerability in uxper Sala allows Accessing Fun ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-52787 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
@@ -114574,7 +114756,7 @@ CVE-2025-28955 (Improper Limitation of a Pathname to a Restricted Directory ('Pa
NOT-FOR-US: WordPress plugin or theme
CVE-2025-24779 (Deserialization of Untrusted Data vulnerability in NooTheme Yogi yogi ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-24777 (Deserialization of Untrusted Data vulnerability in awethemes Hillter h ...)
+CVE-2025-24777 (Deserialization of Untrusted Data vulnerability in awethemes Hillter a ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-24759 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin
@@ -118506,7 +118688,7 @@ CVE-2025-52830 (Improper Neutralization of Special Elements used in an SQL Comma
NOT-FOR-US: WordPress plugin
CVE-2025-52828 (Deserialization of Untrusted Data vulnerability in designthemes Red Ar ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-52813 (Missing Authorization vulnerability in pietro MobiLoud mobiloud-mobile ...)
+CVE-2025-52813 (Missing Authorization vulnerability in pietro MobiLoud allows Exploiti ...)
NOT-FOR-US: WordPress plugin
CVE-2025-52807 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
NOT-FOR-US: WordPress plugin or theme
@@ -120515,7 +120697,7 @@ CVE-2025-53306 (Improper Neutralization of Special Elements used in an SQL Comma
NOT-FOR-US: WordPress plugin or theme
CVE-2025-53305 (Cross-Site Request Forgery (CSRF) vulnerability in lucidcrew WP Forum ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-53304 (Missing Authorization vulnerability in Rohil Contact Form – 7 : ...)
+CVE-2025-53304 (Missing Authorization vulnerability in Rohil Contact Form \u2013 7 : H ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-53301 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
@@ -120633,7 +120815,7 @@ CVE-2025-52829 (Improper Neutralization of Special Elements used in an SQL Comma
NOT-FOR-US: WordPress plugin or theme
CVE-2025-52827 (Deserialization of Untrusted Data vulnerability in uxper Nuss nuss all ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-52826 (Deserialization of Untrusted Data vulnerability in uxper Sala sala all ...)
+CVE-2025-52826 (Deserialization of Untrusted Data vulnerability in uxper Sala allows O ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-52824 (Missing Authorization vulnerability in MDJM Mobile DJ Manager mobile-d ...)
NOT-FOR-US: WordPress plugin or theme
@@ -120651,7 +120833,7 @@ CVE-2025-52812 (Improper Control of Filename for Include/Require Statement in PH
NOT-FOR-US: WordPress plugin or theme
CVE-2025-52811 (Path Traversal: '.../...//' vulnerability in Creanncy Davenport - Vers ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-52810 (Path Traversal: '.../...//' vulnerability in TMRW-studio Katerio - Mag ...)
+CVE-2025-52810 (Path Traversal vulnerability in TMRW-studio Katerio - Magazine allows ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-52809 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
NOT-FOR-US: WordPress plugin or theme
@@ -122418,7 +122600,7 @@ CVE-2025-50010 (Missing Authorization vulnerability in Zapier Zapier for WordPre
NOT-FOR-US: WordPress plugin or theme
CVE-2025-50009 (Missing Authorization vulnerability in Climax Themes Kata Plus kata-pl ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-50008 (Missing Authorization vulnerability in cscode WooCommerce Manager R ...)
+CVE-2025-50008 (Missing Authorization vulnerability in cscode WooCommerce Manager \u20 ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-4981 (Mattermost versions 10.5.x <= 10.5.5, 9.11.x <= 9.11.15, 10.8.x <= 10. ...)
- mattermost-server <itp> (bug #823556)
@@ -122434,7 +122616,7 @@ CVE-2025-49995 (Authorization Bypass Through User-Controlled Key vulnerability i
NOT-FOR-US: WordPress plugin or theme
CVE-2025-49993 (Missing Authorization vulnerability in csarturas Cookie-Script.com coo ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-49991 (Missing Authorization vulnerability in tggfref WP-Recall wp-recall all ...)
+CVE-2025-49991 (Missing Authorization vulnerability in tggfref WP-Recall allows Access ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-49990 (Missing Authorization vulnerability in contentstudio Contentstudio con ...)
NOT-FOR-US: WordPress plugin or theme
@@ -122462,7 +122644,7 @@ CVE-2025-49979 (Missing Authorization vulnerability in slui Media Hygiene media-
NOT-FOR-US: WordPress plugin or theme
CVE-2025-49978 (Authorization Bypass Through User-Controlled Key vulnerability in eyec ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-49977 (Cross-Site Request Forgery (CSRF) vulnerability in mylacventures WP In ...)
+CVE-2025-49977 (Cross-Site Request Forgery (CSRF) vulnerability in WP Inventory WP Inv ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-49976 (Missing Authorization vulnerability in WANotifier Notifier notifier al ...)
NOT-FOR-US: WordPress plugin or theme
@@ -124654,7 +124836,7 @@ CVE-2025-32549 (Improper Control of Filename for Include/Require Statement in PH
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32510 (Unrestricted Upload of File with Dangerous Type vulnerability in ovath ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-31919 (Deserialization of Untrusted Data vulnerability in themeton Spare spar ...)
+CVE-2025-31919 (Deserialization of Untrusted Data vulnerability in themeton Spare allo ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-30988 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
@@ -127505,7 +127687,7 @@ CVE-2025-48781 (An external control of file name or path vulnerability in the do
NOT-FOR-US: Soar Cloud HRD Human Resource Management System
CVE-2025-48780 (A deserialization of untrusted data vulnerability in the download file ...)
NOT-FOR-US: Soar Cloud HRD Human Resource Management System
-CVE-2025-48337 (Missing Authorization vulnerability in QuickcabWP QuickCab quickcab.Th ...)
+CVE-2025-48337 (Missing Authorization vulnerability in QuickcabWP QuickCab.This issue ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-48335 (Missing Authorization vulnerability in CyberChimps Responsive Plus res ...)
NOT-FOR-US: WordPress plugin or theme
@@ -127571,7 +127753,7 @@ CVE-2025-30989 (Improper Neutralization of Special Elements used in an SQL Comma
NOT-FOR-US: WordPress plugin
CVE-2025-30986 (Cross-Site Request Forgery (CSRF) vulnerability in _CreativeMedia_ Eli ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-30981 (Cross-Site Request Forgery (CSRF) vulnerability in tggfref WP-Recall w ...)
+CVE-2025-30981 (Cross-Site Request Forgery (CSRF) vulnerability in tggfref WP-Recall a ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-30980 (Cross-Site Request Forgery (CSRF) vulnerability in Alessandro Piconi S ...)
NOT-FOR-US: WordPress plugin
@@ -128022,7 +128204,7 @@ CVE-2025-48493 (The Yii 2 Redis extension provides the redis key-value store sup
NOT-FOR-US: Yii 2 Redis
CVE-2025-47827 (In IGEL OS before 11, Secure Boot can be bypassed because the igel-fla ...)
NOT-FOR-US: IGEL OS
-CVE-2025-46258 (Missing Authorization vulnerability in BdThemes Element Pack Pro bdthe ...)
+CVE-2025-46258 (Missing Authorization vulnerability in BdThemes Element Pack Pro allow ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-46257 (Cross-Site Request Forgery (CSRF) vulnerability in BdThemes Element Pa ...)
NOT-FOR-US: WordPress plugin or theme
@@ -130844,7 +131026,7 @@ CVE-2025-32285 (Improper Neutralization of Input During Web Page Generation ('Cr
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32284 (Deserialization of Untrusted Data vulnerability in designthemes Pet Wo ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-31927 (Deserialization of Untrusted Data vulnerability in themeton Acerola ac ...)
+CVE-2025-31927 (Deserialization of Untrusted Data vulnerability in themeton Acerola al ...)
NOT-FOR-US: WordPress plugin
CVE-2025-31924 (Deserialization of Untrusted Data vulnerability in designthemes Crafts ...)
NOT-FOR-US: WordPress plugin
@@ -130882,7 +131064,7 @@ CVE-2025-31056 (Improper Neutralization of Special Elements used in an SQL Comma
NOT-FOR-US: WordPress plugin or theme
CVE-2025-31053 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-31049 (Deserialization of Untrusted Data vulnerability in themeton Dash dash ...)
+CVE-2025-31049 (Deserialization of Untrusted Data vulnerability in themeton Dash allow ...)
NOT-FOR-US: WordPress plugin
CVE-2025-2394 (Ecovacs Home Android and iOS Mobile Applications up to version 3.3.0 c ...)
NOT-FOR-US: Ecovacs Home Android and iOS Mobile Applications
@@ -132410,7 +132592,7 @@ CVE-2025-39392 (Improper Neutralization of Input During Web Page Generation ('Cr
NOT-FOR-US: WordPress plugin or theme
CVE-2025-39389 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-39388 (Missing Authorization vulnerability in Solid Plugins AnalyticsWP analy ...)
+CVE-2025-39388 (Missing Authorization vulnerability in Solid Plugins AnalyticsWP allow ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-39386 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin or theme
@@ -132434,7 +132616,7 @@ CVE-2025-39369 (Improper Neutralization of Input During Web Page Generation ('Cr
NOT-FOR-US: WordPress plugin or theme
CVE-2025-39368 (Missing Authorization vulnerability in ed4becky Rootspersona rootspers ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-39366 (Incorrect Privilege Assignment vulnerability in Rocket Apps wProject w ...)
+CVE-2025-39366 (Incorrect Privilege Assignment vulnerability in Rocket Apps wProject.T ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-39365 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
@@ -132454,7 +132636,7 @@ CVE-2025-39352 (Missing Authorization vulnerability in ThemeGoods Grand Restaura
NOT-FOR-US: WordPress plugin or theme
CVE-2025-39351 (Cross-Site Request Forgery (CSRF) vulnerability in ThemeGoods Grand Re ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-39350 (Missing Authorization vulnerability in Rocket Apps wProject wproject.T ...)
+CVE-2025-39350 (Missing Authorization vulnerability in Rocket Apps wProject.This issue ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-39349 (Deserialization of Untrusted Data vulnerability in Potenzaglobalsoluti ...)
NOT-FOR-US: WordPress plugin or theme
@@ -132500,7 +132682,7 @@ CVE-2025-26892 (Unrestricted Upload of File with Dangerous Type vulnerability in
NOT-FOR-US: WordPress plugin or theme
CVE-2025-26872 (Unrestricted Upload of File with Dangerous Type vulnerability in dkszo ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-26867 (Missing Authorization vulnerability in Themes4WP Bulk bulk allows Acce ...)
+CVE-2025-26867 (Missing Authorization vulnerability in Themes4WP Bulk allows Accessing ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-26735 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
NOT-FOR-US: WordPress plugin or theme
@@ -132962,7 +133144,7 @@ CVE-2025-48146 (Cross-Site Request Forgery (CSRF) vulnerability in Michael Lups
NOT-FOR-US: WordPress plugin or theme
CVE-2025-48144 (Cross-Site Request Forgery (CSRF) vulnerability in sidngr Import Expor ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-48138 (Missing Authorization vulnerability in Bertha AI – Andrew Palmer ...)
+CVE-2025-48138 (Missing Authorization vulnerability in Bertha AI \u2013 Andrew Palmer ...)
NOT-FOR-US: WordPress plugin
CVE-2025-48137 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin
@@ -133064,9 +133246,9 @@ CVE-2025-39507 (Improper Control of Filename for Include/Require Statement in PH
NOT-FOR-US: WordPress plugin or theme
CVE-2025-39493 (Missing Authorization vulnerability in ValvePress Rankie valvepress-ra ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-39492 (Path Traversal: '.../...//' vulnerability in WHMPress WHMpress whmpres ...)
+CVE-2025-39492 (Path Traversal vulnerability in WHMPress WHMpress allows Relative Path ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-39491 (Path Traversal: '.../...//' vulnerability in WHMPress WHMpress whmpres ...)
+CVE-2025-39491 (Path Traversal vulnerability in WHMPress WHMpress allows Path Traversa ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-39482 (Missing Authorization vulnerability in imithemes Eventer eventer allow ...)
NOT-FOR-US: WordPress plugin or theme
@@ -133115,11 +133297,11 @@ CVE-2025-31641 (Improper Neutralization of Special Elements used in an SQL Comma
NOT-FOR-US: WordPress plugin
CVE-2025-31640 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-31639 (Cross-Site Request Forgery (CSRF) vulnerability in themeton Spare spar ...)
+CVE-2025-31639 (Cross-Site Request Forgery (CSRF) vulnerability in themeton Spare allo ...)
NOT-FOR-US: WordPress plugin
CVE-2025-31637 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-31630 (Missing Authorization vulnerability in themeton The Business nrgbusine ...)
+CVE-2025-31630 (Missing Authorization vulnerability in themeton The Business allows Ex ...)
NOT-FOR-US: WordPress plugin
CVE-2025-31071 (Missing Authorization vulnerability in themeton HotStar \u2013 Multi-P ...)
NOT-FOR-US: WordPress plugin or theme
@@ -133127,7 +133309,7 @@ CVE-2025-31068 (Cross-Site Request Forgery (CSRF) vulnerability in themeton Seve
NOT-FOR-US: WordPress plugin
CVE-2025-31066 (Missing Authorization vulnerability in themeton Acerola acerola allows ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-31065 (Missing Authorization vulnerability in themeton Rozario rozario allows ...)
+CVE-2025-31065 (Missing Authorization vulnerability in themeton Rozario allows Exploit ...)
NOT-FOR-US: WordPress plugin
CVE-2025-31063 (Missing Authorization vulnerability in redqteam Wishlist wishlist allo ...)
NOT-FOR-US: WordPress plugin
@@ -133901,7 +134083,7 @@ CVE-2025-1647 (Improper Neutralization of Input During Web Page Generation (XSS
- twitter-bootstrap3 3.4.1+dfsg-5 (bug #1105899)
[bookworm] - twitter-bootstrap3 <no-dsa> (Minor issue)
NOTE: https://www.herodevs.com/vulnerability-directory/cve-2025-1647
-CVE-2024-56006 (Missing Authorization vulnerability in Automattic Jetpack Debug Tools ...)
+CVE-2024-56006 (Missing Authorization vulnerability in Automattic Jetpack Debug Tools. ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2024-52880 (An issue was discovered in Insyde InsydeH2O kernel 5.2 before version ...)
NOT-FOR-US: Insyde InsydeH2O
@@ -142143,7 +142325,7 @@ CVE-2025-39587 (Improper Neutralization of Special Elements used in an SQL Comma
NOT-FOR-US: WordPress plugin
CVE-2025-39586 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-39583 (Missing Authorization vulnerability in Bertha AI – Andrew Palmer ...)
+CVE-2025-39583 (Missing Authorization vulnerability in Bertha AI \u2013 Andrew Palmer ...)
NOT-FOR-US: WordPress plugin
CVE-2025-39580 (Missing Authorization vulnerability in jidaikobo Dashi dashi allows Ac ...)
NOT-FOR-US: WordPress plugin
@@ -143819,7 +144001,7 @@ CVE-2025-30970 (Improper Neutralization of Input During Web Page Generation ('Cr
NOT-FOR-US: WordPress plugin or theme
CVE-2025-30967 (Cross-Site Request Forgery (CSRF) vulnerability in NotFound WPJobBoard ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-30966 (Path Traversal: '.../...//' vulnerability in NotFound WPJobBoard wpjob ...)
+CVE-2025-30966 (Path Traversal vulnerability in NotFound WPJobBoard allows Path Traver ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-30740 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
NOT-FOR-US: Oracle
@@ -145650,9 +145832,9 @@ CVE-2025-27722 (Cleartext transmission of sensitive information issue exists in
NOT-FOR-US: AC-WPS-11ac series
CVE-2025-27391 (Insertion of Sensitive Information into Log File vulnerability in Apac ...)
NOT-FOR-US: Apache ActiveMQ Artemis
-CVE-2025-26902 (Cross-Site Request Forgery (CSRF) vulnerability in Brizy Brizy Pro bri ...)
+CVE-2025-26902 (Cross-Site Request Forgery (CSRF) vulnerability in Brizy Brizy Pro all ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-26901 (Missing Authorization vulnerability in Brizy Brizy Pro brizy-pro allow ...)
+CVE-2025-26901 (Missing Authorization vulnerability in Brizy Brizy Pro allows Exploiti ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-26888 (Missing Authorization vulnerability in Amir Helzer WooCommerce Multili ...)
NOT-FOR-US: WordPress plugin or theme
@@ -147133,7 +147315,7 @@ CVE-2025-32248 (Cross-Site Request Forgery (CSRF) vulnerability in SwiftXR Swift
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32247 (Cross-Site Request Forgery (CSRF) vulnerability in ABCdatos AI Content ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-32246 (Missing Authorization vulnerability in Tim Nguyen 1-Click Backup & ...)
+CVE-2025-32246 (Missing Authorization vulnerability in Tim Nguyen 1-Click Backup & Res ...)
NOT-FOR-US: WordPress plugin
CVE-2025-32241 (Cross-Site Request Forgery (CSRF) vulnerability in CleverReach\xae Off ...)
NOT-FOR-US: WordPress plugin or theme
@@ -147375,7 +147557,7 @@ CVE-2025-1865 (The kernel driver, accessible to low-privileged users, exposes a
NOT-FOR-US: Virtual CloneDrive
CVE-2025-0468 (Software installed and run as a non-privileged user may conduct improp ...)
NOT-FOR-US: Imagination Technologies
-CVE-2024-51800 (Incorrect Privilege Assignment vulnerability in Favethemes Homey homey ...)
+CVE-2024-51800 (Incorrect Privilege Assignment vulnerability in Favethemes Homey allow ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-3220 (A vulnerability was found in PHPGurukul e-Diary Management System 1.0. ...)
NOT-FOR-US: PHPGurukul
@@ -148577,7 +148759,7 @@ CVE-2025-31810 (Missing Authorization vulnerability in PickPlugins Question Answ
NOT-FOR-US: WordPress plugin or theme
CVE-2025-31809 (Cross-Site Request Forgery (CSRF) vulnerability in Labinator Labinator ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-31808 (Cross-Site Request Forgery (CSRF) vulnerability in itpathsolutions SCS ...)
+CVE-2025-31808 (Cross-Site Request Forgery (CSRF) vulnerability in IT Path Solutions S ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-31807 (Cross-Site Request Forgery (CSRF) vulnerability in CloudRedux Product ...)
NOT-FOR-US: WordPress plugin or theme
@@ -151151,7 +151333,7 @@ CVE-2025-22816 (Improper Neutralization of Input During Web Page Generation ('Cr
NOT-FOR-US: WordPress plugin or theme
CVE-2025-22783 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-22770 (Missing Authorization vulnerability in EnvoThemes Envo Multipurpose en ...)
+CVE-2025-22770 (Missing Authorization vulnerability in EnvoThemes Envo Multipurpose al ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-22673 (Missing Authorization vulnerability in WPFactory EAN for WooCommerce e ...)
NOT-FOR-US: WordPress plugin
@@ -154787,11 +154969,11 @@ CVE-2025-26976 (Improper Neutralization of Special Elements used in an SQL Comma
NOT-FOR-US: WordPress plugin or theme
CVE-2025-26972 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-26969 (Missing Authorization vulnerability in Aldo Latino PrivateContent priv ...)
+CVE-2025-26969 (Missing Authorization vulnerability in Aldo Latino PrivateContent. Thi ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-26961 (Missing Authorization vulnerability in FRESHFACE Fresh Framework fresh ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-26940 (Path Traversal: '.../...//' vulnerability in NotFound Pie Register Pre ...)
+CVE-2025-26940 (Path Traversal vulnerability in NotFound Pie Register Premium. This is ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-26924 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
NOT-FOR-US: WordPress plugin or theme
@@ -155764,7 +155946,7 @@ CVE-2025-28867 (Cross-Site Request Forgery (CSRF) vulnerability in stesvis Front
NOT-FOR-US: WordPress plugin
CVE-2025-28866 (Cross-Site Request Forgery (CSRF) vulnerability in smerriman Login Log ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-28864 (Cross-Site Request Forgery (CSRF) vulnerability in Planet Studio Build ...)
+CVE-2025-28864 (Cross-Site Request Forgery (CSRF) vulnerability in planetstudio Builde ...)
NOT-FOR-US: WordPress plugin
CVE-2025-28863 (Cross-Site Request Forgery (CSRF) vulnerability in Carlos Minatti Dele ...)
NOT-FOR-US: WordPress plugin
@@ -158368,7 +158550,7 @@ CVE-2025-23814 (Improper Neutralization of Input During Web Page Generation ('Cr
NOT-FOR-US: WordPress plugin
CVE-2025-23813 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-23763 (Missing Authorization vulnerability in Alex Volkov WAH Forms wah-forms ...)
+CVE-2025-23763 (Missing Authorization vulnerability in Alex Volkov WAH Forms allows Ex ...)
NOT-FOR-US: WordPress plugin
CVE-2025-23762 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
@@ -163352,7 +163534,7 @@ CVE-2025-26952 (Improper Neutralization of Input During Web Page Generation ('Cr
NOT-FOR-US: WordPress plugin
CVE-2025-26949 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-26948 (Missing Authorization vulnerability in NotFound Pie Register Premium p ...)
+CVE-2025-26948 (Missing Authorization vulnerability in NotFound Pie Register Premium. ...)
NOT-FOR-US: WordPress plugin
CVE-2025-26947 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
@@ -170513,7 +170695,7 @@ CVE-2025-24754 (Missing Authorization vulnerability in favethemes Houzez houzez.
NOT-FOR-US: WordPress plugin
CVE-2025-24747 (Missing Authorization vulnerability in favethemes Houzez houzez.This i ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-24744 (Missing Authorization vulnerability in NotFound Bridge Core bridge-cor ...)
+CVE-2025-24744 (Missing Authorization vulnerability in NotFound Bridge Core. This issu ...)
NOT-FOR-US: WordPress plugin
CVE-2025-24743 (Missing Authorization vulnerability in Rometheme RTMKit rometheme-for- ...)
NOT-FOR-US: WordPress plugin
@@ -170541,7 +170723,7 @@ CVE-2025-24665 (Improper Neutralization of Special Elements used in an SQL Comma
NOT-FOR-US: WordPress plugin
CVE-2025-24664 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-24662 (Missing Authorization vulnerability in LearnDash LearnDash LMS sfwd-lm ...)
+CVE-2025-24662 (Missing Authorization vulnerability in LearnDash LearnDash LMS allows ...)
NOT-FOR-US: WordPress plugin
CVE-2025-24653 (Missing Authorization vulnerability in NotFound Admin and Site Enhance ...)
NOT-FOR-US: WordPress plugin
@@ -171137,7 +171319,7 @@ CVE-2025-24633 (Missing Authorization vulnerability in silverplugins217 Build Pr
NOT-FOR-US: WordPress plugin
CVE-2025-24627 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-24625 (Missing Authorization vulnerability in Naked Cat Plugins Taxonomy/Term ...)
+CVE-2025-24625 (Missing Authorization vulnerability in Marco Almeida | Webdados Taxono ...)
NOT-FOR-US: WordPress plugin
CVE-2025-24623 (Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Plugi ...)
NOT-FOR-US: WordPress plugin
@@ -173600,7 +173782,7 @@ CVE-2025-23765 (Cross-Site Request Forgery (CSRF) vulnerability in w3speedster W
NOT-FOR-US: WordPress plugin
CVE-2025-23764 (Missing Authorization vulnerability in ujjavaljani Copy Move Posts cop ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-23761 (Missing Authorization vulnerability in Alex Volkov Woo Tuner woo-tuner ...)
+CVE-2025-23761 (Missing Authorization vulnerability in Alex Volkov Woo Tuner allows Ex ...)
NOT-FOR-US: WordPress plugin
CVE-2025-23760 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
@@ -174192,7 +174374,7 @@ CVE-2025-22724 (Improper Neutralization of Input During Web Page Generation ('Cr
NOT-FOR-US: WordPress plugin
CVE-2025-22587 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-22346 (Server-Side Request Forgery (SSRF) vulnerability in fzngagan Course Mi ...)
+CVE-2025-22346 (Server-Side Request Forgery (SSRF) vulnerability in Faizaan Gagan Cour ...)
NOT-FOR-US: WordPress plugin
CVE-2025-22329 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
@@ -178867,7 +179049,7 @@ CVE-2024-56238 (Missing Authorization vulnerability in QuantumCloud Floating Act
NOT-FOR-US: WordPress plugin
CVE-2024-56237 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
-CVE-2024-56236 (Missing Authorization vulnerability in Juniper Hestia Nginx Cache hest ...)
+CVE-2024-56236 (Missing Authorization vulnerability in Juni Hestia Nginx Cache hestia- ...)
NOT-FOR-US: WordPress plugin
CVE-2024-56199 (phpMyFAQ is an open source FAQ web application. Starting no later than ...)
NOT-FOR-US: phpMyFAQ
@@ -178943,7 +179125,7 @@ CVE-2024-38766 (Cross-Site Request Forgery (CSRF) vulnerability in matomoteam Ma
NOT-FOR-US: WordPress plugin
CVE-2024-38765 (Cross-Site Request Forgery (CSRF) vulnerability in outtheboxthemes Oce ...)
NOT-FOR-US: WordPress plugin
-CVE-2024-38764 (Cross-Site Request Forgery (CSRF) vulnerability in Marsian i-transform ...)
+CVE-2024-38764 (Cross-Site Request Forgery (CSRF) vulnerability in Marsian allows Cros ...)
NOT-FOR-US: WordPress plugin
CVE-2024-38763 (Cross-Site Request Forgery (CSRF) vulnerability in themes4wp Popularis ...)
NOT-FOR-US: WordPress plugin
@@ -178957,7 +179139,7 @@ CVE-2024-38751 (Cross-Site Request Forgery (CSRF) vulnerability in Magazine3 Goo
NOT-FOR-US: WordPress plugin
CVE-2024-38732 (Cross-Site Request Forgery (CSRF) vulnerability in VolThemes Patricia ...)
NOT-FOR-US: WordPress plugin
-CVE-2024-38731 (Cross-Site Request Forgery (CSRF) vulnerability in Marsian i-amaze i-a ...)
+CVE-2024-38731 (Cross-Site Request Forgery (CSRF) vulnerability in Marsian i-amaze all ...)
NOT-FOR-US: WordPress plugin
CVE-2024-38729 (Cross-Site Request Forgery (CSRF) vulnerability in mbeelink MBE eShip ...)
NOT-FOR-US: WordPress plugin
@@ -179097,19 +179279,19 @@ CVE-2023-47693 (Missing Authorization vulnerability in Themefic Ultimate Addons
NOT-FOR-US: WordPress plugin
CVE-2023-47692 (Missing Authorization vulnerability in flothemesplugins Flo Forms flo- ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-47689 (Missing Authorization vulnerability in Toast Plugins Animator scroll-t ...)
+CVE-2023-47689 (Missing Authorization vulnerability in Toast Plugins Animator allows E ...)
NOT-FOR-US: WordPress plugin
CVE-2023-47661 (Missing Authorization vulnerability in Dragfy Dragfy Addons for Elemen ...)
NOT-FOR-US: WordPress plugin
CVE-2023-47648 (Missing Authorization vulnerability in Spider Themes EazyDocs eazydocs ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-47647 (Missing Authorization vulnerability in learningtimes BadgeOS badgeos a ...)
+CVE-2023-47647 (Missing Authorization vulnerability in LearningTimes BadgeOS allows Ex ...)
NOT-FOR-US: WordPress plugin
CVE-2023-47557 (Missing Authorization vulnerability in wp-buy Visitors Traffic Real Ti ...)
NOT-FOR-US: WordPress plugin
CVE-2023-47523 (Missing Authorization vulnerability in Ecreate Infotech Auto Tag Creat ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-47515 (Missing Authorization vulnerability in Nick Spencer Seers seers-cookie ...)
+CVE-2023-47515 (Missing Authorization vulnerability in Seers Seers allows Exploiting I ...)
NOT-FOR-US: WordPress plugin
CVE-2023-47241 (Missing Authorization vulnerability in CoCart Headless CoCart \u2013 H ...)
NOT-FOR-US: WordPress plugin
@@ -179123,31 +179305,31 @@ CVE-2023-47187 (Missing Authorization vulnerability in Labib Ahmed Animated Rota
NOT-FOR-US: WordPress plugin
CVE-2023-47183 (Missing Authorization vulnerability in StellarWP GiveWP give allows Ex ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-47180 (Missing Authorization vulnerability in Daman Jeet Finale Lite finale-w ...)
+CVE-2023-47180 (Missing Authorization vulnerability in XLPlugins Finale Lite allows Ex ...)
NOT-FOR-US: WordPress plugin
CVE-2023-47179 (Missing Authorization vulnerability in mdalabar WooODT Lite byconsole- ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-46644 (Missing Authorization vulnerability in Blend Media WordPress CTA easy- ...)
+CVE-2023-46644 (Missing Authorization vulnerability in WP CTA PRO WordPress CTA allows ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-46639 (Missing Authorization vulnerability in properfraction kk Star Ratings ...)
+CVE-2023-46639 (Missing Authorization vulnerability in FeedbackWP kk Star Ratings allo ...)
NOT-FOR-US: WordPress plugin
CVE-2023-46637 (Missing Authorization vulnerability in Saurav Sharma Generate Dummy Po ...)
NOT-FOR-US: WordPress plugin
CVE-2023-46635 (Missing Authorization vulnerability in YITHEMES YITH WooCommerce Produ ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-46633 (Missing Authorization vulnerability in TCBarrett Glossary wp-glossary ...)
+CVE-2023-46633 (Missing Authorization vulnerability in TCBarrett Glossary allows Explo ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-46632 (Missing Authorization vulnerability in David Cramer My Shortcodes my-s ...)
+CVE-2023-46632 (Missing Authorization vulnerability in David Cramer My Shortcodes allo ...)
NOT-FOR-US: WordPress plugin
CVE-2023-46631 (Missing Authorization vulnerability in RevenueHunt Product Recommendat ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-46628 (Missing Authorization vulnerability in redlettuce WP Word Count wp-wor ...)
+CVE-2023-46628 (Missing Authorization vulnerability in RedLettuce Plugins WP Word Coun ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-46616 (Missing Authorization vulnerability in NSquared Draw Attention draw-at ...)
+CVE-2023-46616 (Missing Authorization vulnerability in NSquared Draw Attention allows ...)
NOT-FOR-US: WordPress plugin
CVE-2023-46612 (Missing Authorization vulnerability in codedraft Mediabay mediabay-lit ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-46611 (Authentication Bypass by Primary Weakness vulnerability in YOP YOP Pol ...)
+CVE-2023-46611 (Authentication Bypass by Primary Weakness vulnerability in yourownprog ...)
NOT-FOR-US: WordPress plugin
CVE-2023-46610 (Missing Authorization vulnerability in Mohamed Magdy Quill Forms quill ...)
NOT-FOR-US: WordPress plugin
@@ -179155,17 +179337,17 @@ CVE-2023-46609 (Missing Authorization vulnerability in FeedFocal FeedFocal feedf
NOT-FOR-US: WordPress plugin
CVE-2023-46608 (Missing Authorization vulnerability in WPDO DoLogin Security dologin a ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-46607 (Missing Authorization vulnerability in wpicalavailability WP iCal Avai ...)
+CVE-2023-46607 (Missing Authorization vulnerability in WP iCal Availability WP iCal Av ...)
NOT-FOR-US: WordPress plugin
CVE-2023-46606 (Missing Authorization vulnerability in Team AtomChat AtomChat atomchat ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-46605 (Missing Authorization vulnerability in Convertful Team Convertful conv ...)
+CVE-2023-46605 (Missing Authorization vulnerability in Ruslan Suhar Convertful \u2013 ...)
NOT-FOR-US: WordPress plugin
CVE-2023-46309 (Missing Authorization vulnerability in AdvancedCoding wpDiscuz wpdiscu ...)
NOT-FOR-US: WordPress plugin
CVE-2023-46206 (Missing Authorization vulnerability in Web\u306e\u76f8\u8ac7\u6240 MW ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-46203 (Missing Authorization vulnerability in Alex Prokopenko / JustCoded Jus ...)
+CVE-2023-46203 (Missing Authorization vulnerability in JustCoded / Alex Prokopenko Jus ...)
NOT-FOR-US: WordPress plugin
CVE-2023-46196 (Missing Authorization vulnerability in Repuso Social proof testimonial ...)
NOT-FOR-US: WordPress plugin
@@ -179177,9 +179359,9 @@ CVE-2023-46083 (Missing Authorization vulnerability in WP Chill Kali Forms kali-
NOT-FOR-US: WordPress plugin
CVE-2023-46082 (Missing Authorization vulnerability in Cyberlord92 Broken Link Checker ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-46080 (Missing Authorization vulnerability in Farhan Noor ApplyOnline apply-o ...)
+CVE-2023-46080 (Missing Authorization vulnerability in Farhan Noor ApplyOnline \u2013 ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-46079 (Missing Authorization vulnerability in WP Royal Ashe Extra ashe-extra ...)
+CVE-2023-46079 (Missing Authorization vulnerability in WP Royal Ashe Extra allows Expl ...)
NOT-FOR-US: WordPress plugin
CVE-2023-46073 (Missing Authorization vulnerability in Mario Peshev DX Delete Attached ...)
NOT-FOR-US: WordPress plugin
@@ -179195,7 +179377,7 @@ CVE-2023-45649 (Missing Authorization vulnerability in codepeople Appointment Ho
NOT-FOR-US: WordPress plugin
CVE-2023-45636 (Missing Authorization vulnerability in WebToffee WordPress Backup & Mi ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-45633 (Missing Authorization vulnerability in IDX IMPress Listings wp-listing ...)
+CVE-2023-45633 (Missing Authorization vulnerability in IDX IMPress Listings allows Exp ...)
NOT-FOR-US: WordPress plugin
CVE-2023-45631 (Missing Authorization vulnerability in wpdevart Responsive Image Galle ...)
NOT-FOR-US: WordPress plugin
@@ -179215,17 +179397,17 @@ CVE-2023-45061 (Missing Authorization vulnerability in awsm.in WP Job Openings w
NOT-FOR-US: WordPress plugin
CVE-2023-45045 (Missing Authorization vulnerability in krozero WP Custom Widget area w ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-45002 (Missing Authorization vulnerability in weDevs WP User Frontend wp-user ...)
+CVE-2023-45002 (Missing Authorization vulnerability in weDevs WP User Frontend allows ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-44988 (Missing Authorization vulnerability in Northern Beaches Websites WP Cu ...)
+CVE-2023-44988 (Missing Authorization vulnerability in Martin Gibson WP Custom Admin I ...)
NOT-FOR-US: WordPress plugin
CVE-2023-44258 (Missing Authorization vulnerability in vberkel Schema App Structured D ...)
NOT-FOR-US: WordPress plugin
CVE-2023-40327 (Missing Authorization vulnerability in Putler / Storeapps Putler Conne ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-39994 (Missing Authorization vulnerability in reputeinfosystems ARMember Prem ...)
+CVE-2023-39994 (Missing Authorization vulnerability in Repute InfoSystems ARMember Pre ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-32240 (Missing Authorization vulnerability in xtemos WoodMart woodmart allows ...)
+CVE-2023-32240 (Missing Authorization vulnerability in Xtemos WoodMart allows Exploiti ...)
NOT-FOR-US: WordPress plugin
CVE-2022-49035 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.0.8-1
@@ -179615,9 +179797,9 @@ CVE-2024-12105 (In WhatsUp Gold versions released before 2024.0.2, an authentica
NOT-FOR-US: WhatsUp Gold
CVE-2024-11846 (The does not sanitise and escape a parameter before outputting it bac ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-50850 (Missing Authorization vulnerability in Woo WooCommerce Subscriptions w ...)
+CVE-2023-50850 (Missing Authorization vulnerability in Woo WooCommerce Subscriptions a ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-48775 (Missing Authorization vulnerability in Gfazioli WP Cleanfix wp-cleanfi ...)
+CVE-2023-48775 (Missing Authorization vulnerability in Gfazioli WP Cleanfix allows Exp ...)
NOT-FOR-US: WordPress plugin
CVE-2023-6603 (A flaw was found in FFmpeg's HLS playlist parsing. This vulnerability ...)
{DLA-4440-1}
@@ -183472,7 +183654,7 @@ CVE-2024-54315 (Improper Neutralization of Input During Web Page Generation ('Cr
NOT-FOR-US: WordPress plugin
CVE-2024-54314 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
-CVE-2024-54313 (Path Traversal: '.../...//' vulnerability in FULL. FULL Customer full- ...)
+CVE-2024-54313 (Path Traversal vulnerability in FULL. FULL Customer allows Path Traver ...)
NOT-FOR-US: WordPress plugin
CVE-2024-54312 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
@@ -183580,7 +183762,7 @@ CVE-2024-54243 (Improper Neutralization of Input During Web Page Generation ('Cr
NOT-FOR-US: WordPress plugin
CVE-2024-54242 (Missing Authorization vulnerability in appsbd Simple Notification simp ...)
NOT-FOR-US: WordPress plugin
-CVE-2024-54241 (Missing Authorization vulnerability in appsbd Elite Notification elite ...)
+CVE-2024-54241 (Missing Authorization vulnerability in Appsbd Elite Notification \u201 ...)
NOT-FOR-US: WordPress plugin
CVE-2024-54240 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
@@ -183682,53 +183864,53 @@ CVE-2023-44147 (Missing Authorization vulnerability in apasionados Comment Black
NOT-FOR-US: WordPress plugin
CVE-2023-44142 (Missing Authorization vulnerability in Deepen Bajracharya Inactive Log ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-41952 (Missing Authorization vulnerability in Shahjahan Jewel FluentForm flue ...)
+CVE-2023-41952 (Missing Authorization vulnerability in Contact Form - WPManageNinja LL ...)
NOT-FOR-US: WordPress plugin
CVE-2023-41951 (Missing Authorization vulnerability in rtCamp rtMedia for WordPress, B ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-41875 (Missing Authorization vulnerability in WPDirectoryKit WP Directory Kit ...)
+CVE-2023-41875 (Missing Authorization vulnerability in wpdirectorykit.com WP Directory ...)
NOT-FOR-US: WordPress plugin
CVE-2023-41873 (Missing Authorization vulnerability in miniOrange SAML SP Single Sign ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-41870 (Missing Authorization vulnerability in Themeum WP Crowdfunding wp-crow ...)
+CVE-2023-41870 (Missing Authorization vulnerability in Themeum WP Crowdfunding allows ...)
NOT-FOR-US: WordPress plugin
CVE-2023-41869 (Missing Authorization vulnerability in Alex Volkov WP Accessibility He ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-41866 (Missing Authorization vulnerability in Plugins360 Labs Automatic YouTu ...)
+CVE-2023-41866 (Missing Authorization vulnerability in Team Plugins360 Automatic YouTu ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-41865 (Missing Authorization vulnerability in bqworks Slider Pro sliderpro al ...)
+CVE-2023-41865 (Missing Authorization vulnerability in bqworks Slider Pro allows Explo ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-41862 (Weak Authentication vulnerability in Guido VS Contact Form very-simple ...)
+CVE-2023-41862 (Weak Authentication vulnerability in Guido VS Contact Form allows Auth ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-41857 (Missing Authorization vulnerability in clicktotweet Click To Tweet cli ...)
+CVE-2023-41857 (Missing Authorization vulnerability in ClickToTweet.com Click To Tweet ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-41849 (Missing Authorization vulnerability in Happy Coders Posts Like Dislike ...)
+CVE-2023-41849 (Missing Authorization vulnerability in WP Happy Coders Posts Like Disl ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-41848 (Missing Authorization vulnerability in Sayful Islam Carousel Slider ca ...)
+CVE-2023-41848 (Missing Authorization vulnerability in Majeed Raza Carousel Slider all ...)
NOT-FOR-US: WordPress plugin
CVE-2023-41803 (Missing Authorization vulnerability in BitPay BitPay Checkout for WooC ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-41802 (Missing Authorization vulnerability in Rajat Varlani Super Socializer ...)
+CVE-2023-41802 (Missing Authorization vulnerability in Team Heateor Super Socializer a ...)
NOT-FOR-US: WordPress plugin
CVE-2023-41695 (Missing Authorization vulnerability in Adnan Analytify wp-analytify al ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-41690 (Missing Authorization vulnerability in Wisernotify team WiserNotify wi ...)
+CVE-2023-41690 (Missing Authorization vulnerability in Wiser Notify WiserNotify Social ...)
NOT-FOR-US: WordPress plugin
CVE-2023-41689 (Missing Authorization vulnerability in Koen Reus Post to Google My Bus ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-41688 (Missing Authorization vulnerability in madfishdigital Bulk NoIndex & N ...)
+CVE-2023-41688 (Missing Authorization vulnerability in Mad Fish Digital Bulk NoIndex & ...)
NOT-FOR-US: WordPress plugin
CVE-2023-41686 (Cross-Site Request Forgery (CSRF) vulnerability in ilGhera Woocommerce ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-41683 (Missing Authorization vulnerability in pechenki TelSender telsender al ...)
+CVE-2023-41683 (Missing Authorization vulnerability in Pechenki TelSender allows Explo ...)
NOT-FOR-US: WordPress plugin
CVE-2023-41671 (Missing Authorization vulnerability in tychesoftwares Abandoned Cart L ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-41664 (Missing Authorization vulnerability in Alpha BPO Easy Newsletter Signu ...)
+CVE-2023-41664 (Missing Authorization vulnerability in AlphaBPO Easy Newsletter Signup ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-41649 (Missing Authorization vulnerability in hoangkhanh92 Ovic Product Bundl ...)
+CVE-2023-41649 (Missing Authorization vulnerability in Ovic Team Ovic Product Bundle a ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-41133 (Authentication Bypass by Spoofing vulnerability in Minor Secure Admin ...)
+CVE-2023-41133 (Authentication Bypass by Spoofing vulnerability in Michal Nov\xe1k Sec ...)
NOT-FOR-US: WordPress plugin
CVE-2023-41132 (Missing Authorization vulnerability in ShapedPlugin LLC Category Slide ...)
NOT-FOR-US: WordPress plugin
@@ -183736,25 +183918,25 @@ CVE-2023-41130 (Missing Authorization vulnerability in Premmerce Premmerce User
NOT-FOR-US: WordPress plugin
CVE-2023-40678 (Missing Authorization vulnerability in Andrew Fiebert Simple URLs simp ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-40670 (Missing Authorization vulnerability in ReviewX ReviewX reviewx allows ...)
+CVE-2023-40670 (Missing Authorization vulnerability in ReviewX Team ReviewX allows Exp ...)
NOT-FOR-US: WordPress plugin
CVE-2023-40334 (Missing Authorization vulnerability in RealMag777 HUSKY woocommerce-pr ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-40331 (Missing Authorization vulnerability in bqworks Accordion Slider accord ...)
+CVE-2023-40331 (Missing Authorization vulnerability in bqworks Accordion Slider allows ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-40213 (Missing Authorization vulnerability in Damian G\xf3ra Justified Galler ...)
+CVE-2023-40213 (Missing Authorization vulnerability in Mateusz Czardybon Justified Gal ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-40203 (Missing Authorization vulnerability in mailmunch MailChimp Forms by Ma ...)
+CVE-2023-40203 (Missing Authorization vulnerability in MailMunch MailChimp Forms by Ma ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-40011 (Missing Authorization vulnerability in Stylemix Cost Calculator Builde ...)
+CVE-2023-40011 (Missing Authorization vulnerability in StylemixThemes Cost Calculator ...)
NOT-FOR-US: WordPress plugin
CVE-2023-40005 (Missing Authorization vulnerability in Syed Balkhi Easy Digital Downlo ...)
NOT-FOR-US: WordPress plugin
CVE-2023-40003 (Missing Authorization vulnerability in weDevs WP Project Manager wedev ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-40001 (Missing Authorization vulnerability in StellarWP iThemes Sync ithemes- ...)
+CVE-2023-40001 (Missing Authorization vulnerability in SolidWP iThemes Sync allows Exp ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-39997 (Missing Authorization vulnerability in supsystic Popup by Supsystic po ...)
+CVE-2023-39997 (Missing Authorization vulnerability in supsystic.com Popup by Supsysti ...)
NOT-FOR-US: WordPress plugin
CVE-2023-39996 (Missing Authorization vulnerability in WP OnlineSupport, Essential Plu ...)
NOT-FOR-US: WordPress plugin
@@ -183764,63 +183946,63 @@ CVE-2023-39920 (Missing Authorization vulnerability in Themeisle Redirection for
NOT-FOR-US: WordPress plugin
CVE-2023-39305 (Missing Authorization vulnerability in Dash Labs Yet Another Stars Rat ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-38514 (Missing Authorization vulnerability in Inisev Social Share Icons & Soc ...)
+CVE-2023-38514 (Missing Authorization vulnerability in social share pro Social Share I ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-38483 (Missing Authorization vulnerability in dylanblokhuis Instant CSS insta ...)
+CVE-2023-38483 (Missing Authorization vulnerability in Dylan Blokhuis Instant CSS allo ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-38480 (Missing Authorization vulnerability in certaindev Booster Elementor Ad ...)
+CVE-2023-38480 (Missing Authorization vulnerability in Certain Dev Booster Elementor A ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-38479 (Missing Authorization vulnerability in codents Simple Googlebot Visit ...)
+CVE-2023-38479 (Missing Authorization vulnerability in Codents Simple Googlebot Visit ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-38477 (Missing Authorization vulnerability in stasionok QR code MeCard/vCard ...)
+CVE-2023-38477 (Missing Authorization vulnerability in Stanislav Kuznetsov QR code MeC ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-38475 (Missing Authorization vulnerability in EDGARROJAS Donations Made Easy ...)
+CVE-2023-38475 (Missing Authorization vulnerability in RedNao Donations Made Easy \u20 ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-38385 (Missing Authorization vulnerability in artbees JupiterX Core jupiterx- ...)
+CVE-2023-38385 (Missing Authorization vulnerability in Artbees JupiterX Core allows Ex ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-38383 (Missing Authorization vulnerability in Amir Helzer Language wordpress- ...)
+CVE-2023-38383 (Missing Authorization vulnerability in OnTheGoSystems Language allows ...)
NOT-FOR-US: WordPress plugin
CVE-2023-37989 (Missing Authorization vulnerability in Easyship Easyship WooCommerce S ...)
NOT-FOR-US: WordPress plugin
CVE-2023-37987 (Missing Authorization vulnerability in miniOrange YourMembership Singl ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-37984 (Missing Authorization vulnerability in ExpressTech Systems Quiz And Su ...)
+CVE-2023-37984 (Missing Authorization vulnerability in ExpressTech Quiz And Survey Mas ...)
NOT-FOR-US: WordPress plugin
CVE-2023-37971 (Missing Authorization vulnerability in MultiVendorX WooCommerce Produc ...)
NOT-FOR-US: WordPress plugin
CVE-2023-37969 (Missing Authorization vulnerability in The African Boss Checkout with ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-37967 (Missing Authorization vulnerability in Designinvento DirectoryPress di ...)
+CVE-2023-37967 (Missing Authorization vulnerability in Designinvento DirectoryPress al ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-37887 (Missing Authorization vulnerability in Ronik at UnlimitedWP WPSchoolPress ...)
+CVE-2023-37887 (Missing Authorization vulnerability in WPSchoolPress Team WPSchoolPres ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-36681 (Missing Authorization vulnerability in CoolHappy Cryptocurrency Widget ...)
+CVE-2023-36681 (Missing Authorization vulnerability in Cool Plugins Cryptocurrency Wid ...)
NOT-FOR-US: WordPress plugin
CVE-2023-36680 (Missing Authorization vulnerability in Iulia Cazan Image Regenerate & ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-36531 (Missing Authorization vulnerability in liquidpoll LiquidPoll wp-poll a ...)
+CVE-2023-36531 (Missing Authorization vulnerability in LiquidPoll LiquidPoll \u2013 Ad ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-36528 (Missing Authorization vulnerability in properfraction kk Star Ratings ...)
+CVE-2023-36528 (Missing Authorization vulnerability in FeedbackWP kk Star Ratings allo ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-36526 (Missing Authorization vulnerability in Attinder Singh Duplicate Post P ...)
+CVE-2023-36526 (Missing Authorization vulnerability in Inqsys Technology Duplicate Pos ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-36519 (Missing Authorization vulnerability in WPThemeGo SW Product Bundles sw ...)
+CVE-2023-36519 (Missing Authorization vulnerability in wpthemego SW Product Bundles al ...)
NOT-FOR-US: WordPress plugin
CVE-2023-36518 (Missing Authorization vulnerability in Hugh Lashbrooke Post Hit Counte ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-36510 (Missing Authorization vulnerability in catkin ReDi Restaurant Reservat ...)
+CVE-2023-36510 (Missing Authorization vulnerability in Reservation Diary ReDi Restaura ...)
NOT-FOR-US: WordPress plugin
CVE-2023-36509 (Missing Authorization vulnerability in Suresh Chand CHP Ads Block Dete ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-36506 (Missing Authorization vulnerability in YITHEMES YITH WooCommerce Waiti ...)
+CVE-2023-36506 (Missing Authorization vulnerability in YITH YITH WooCommerce Waiting L ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-35875 (Missing Authorization vulnerability in Jegstudio Gutenverse gutenverse ...)
+CVE-2023-35875 (Missing Authorization vulnerability in Jegstudio Gutenverse allows Exp ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-35777 (Missing Authorization vulnerability in StellarWP The Events Calendar t ...)
+CVE-2023-35777 (Missing Authorization vulnerability in The Events Calendar The Events ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-35052 (Missing Authorization vulnerability in wpWax Directorist directorist a ...)
+CVE-2023-35052 (Missing Authorization vulnerability in wpWax - WP Business Directory P ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-35051 (Missing Authorization vulnerability in cimatti Contact Forms by Cimatt ...)
+CVE-2023-35051 (Missing Authorization vulnerability in Cimatti Consulting Contact Form ...)
NOT-FOR-US: WordPress plugin
CVE-2023-35046 (Missing Authorization vulnerability in Dynamic.ooo Dynamic Visibility ...)
NOT-FOR-US: WordPress plugin
@@ -183828,55 +184010,55 @@ CVE-2023-35037 (Missing Authorization vulnerability in Surfer Surfer surferseo a
NOT-FOR-US: WordPress plugin
CVE-2023-34387 (Missing Authorization vulnerability in Constant Contact Constant Conta ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-34381 (Missing Authorization vulnerability in Gesundheit Bewegt GmbH Zippy zi ...)
+CVE-2023-34381 (Missing Authorization vulnerability in Gesundheit Bewegt GmbH Zippy al ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-34376 (Missing Authorization vulnerability in Sekander Badsha Change WooComme ...)
+CVE-2023-34376 (Missing Authorization vulnerability in Rextheme Change WooCommerce Add ...)
NOT-FOR-US: WordPress plugin
CVE-2023-34019 (Missing Authorization vulnerability in Uncanny Owl Uncanny Toolkit for ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-34014 (Missing Authorization vulnerability in g5theme Grid Plus grid-plus all ...)
+CVE-2023-34014 (Missing Authorization vulnerability in G5Theme Grid Plus allows Exploi ...)
NOT-FOR-US: WordPress plugin
CVE-2023-34009 (Missing Authorization vulnerability in Inisev Social Media & Share Ico ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-33998 (Missing Authorization vulnerability in CyberNetikz Easy Social Icons e ...)
+CVE-2023-33998 (Missing Authorization vulnerability in cybernetikz Easy Social Icons a ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-33996 (Missing Authorization vulnerability in CleanTalk Inc Spam protection, ...)
+CVE-2023-33996 (Missing Authorization vulnerability in \u0421leanTalk - Anti-Spam Prot ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-33995 (Missing Authorization vulnerability in 10Web Photo Gallery by 10Web ph ...)
+CVE-2023-33995 (Missing Authorization vulnerability in Photo Gallery Team Photo Galler ...)
NOT-FOR-US: WordPress plugin
CVE-2023-33994 (Missing Authorization vulnerability in VeronaLabs Slimstat Analytics w ...)
NOT-FOR-US: WordPress plugin
CVE-2023-33928 (Missing Authorization vulnerability in WebToffee WordPress Backup & Mi ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-33324 (Missing Authorization vulnerability in wppal Easy Captcha easy-captcha ...)
+CVE-2023-33324 (Missing Authorization vulnerability in wppal Easy Captcha allows Explo ...)
NOT-FOR-US: WordPress plugin
CVE-2023-33215 (Missing Authorization vulnerability in Taggbox Taggbox taggbox-widget ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-32963 (Missing Authorization vulnerability in Steve Truman WooCommerce Predic ...)
+CVE-2023-32963 (Missing Authorization vulnerability in a3rev Software WooCommerce Pred ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-32798 (Missing Authorization vulnerability in 10up Simple Page Ordering simpl ...)
+CVE-2023-32798 (Missing Authorization vulnerability in 10up Simple Page Ordering allow ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-32601 (Missing Authorization vulnerability in Deetronix Booking Ultra Pro boo ...)
+CVE-2023-32601 (Missing Authorization vulnerability in Booking Ultra Pro Booking Ultra ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-32599 (Missing Authorization vulnerability in sminozzi reCAPTCHA for all reca ...)
+CVE-2023-32599 (Missing Authorization vulnerability in Bill Minozzi reCAPTCHA for all ...)
NOT-FOR-US: WordPress plugin
CVE-2023-32593 (Missing Authorization vulnerability in GS Plugins GS Pins for Pinteres ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-32586 (Missing Authorization vulnerability in TM Soundcloud Is Gold soundclou ...)
+CVE-2023-32586 (Missing Authorization vulnerability in Thomas Michalak Soundcloud Is G ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-32585 (Missing Authorization vulnerability in totalsoft Portfolio Gallery gal ...)
+CVE-2023-32585 (Missing Authorization vulnerability in Total-Soft Portfolio Gallery \u ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-32581 (Missing Authorization vulnerability in larrykim WP-Chatbot for Messeng ...)
+CVE-2023-32581 (Missing Authorization vulnerability in MobileMonkey WP-Chatbot for Mes ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-32574 (Missing Authorization vulnerability in Fahad Mahmood Injection Guard i ...)
+CVE-2023-32574 (Missing Authorization vulnerability in Fahad Mahmood Injection Guard a ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-32520 (Missing Authorization vulnerability in WebCodin WCP Contact Form wcp-c ...)
+CVE-2023-32520 (Missing Authorization vulnerability in Webcodin WCP Contact Form allow ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-32519 (Missing Authorization vulnerability in WebCodin WCP Contact Form wcp-c ...)
+CVE-2023-32519 (Missing Authorization vulnerability in Webcodin WCP Contact Form allow ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-32507 (Missing Authorization vulnerability in Mehul Kaklotar Woo Custom Email ...)
+CVE-2023-32507 (Missing Authorization vulnerability in wp3sixty Woo Custom Emails allo ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-32506 (Missing Authorization vulnerability in Spencer Haws Link Whisper Free ...)
+CVE-2023-32506 (Missing Authorization vulnerability in Link Whisper Link Whisper Free ...)
NOT-FOR-US: WordPress plugin
CVE-2024-9508 (Horner Automation Cscape contains a memory corruption vulnerability, w ...)
NOT-FOR-US: Horner Automation Cscape
@@ -185634,7 +185816,7 @@ CVE-2024-53791 (Improper Neutralization of Input During Web Page Generation ('Cr
NOT-FOR-US: WordPress plugin
CVE-2024-53790 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
NOT-FOR-US: WordPress plugin
-CVE-2024-53785 (Missing Authorization vulnerability in Alexander Volkov Chatter chatte ...)
+CVE-2024-53785 (Missing Authorization vulnerability in Alexander Volkov Chatter.This i ...)
NOT-FOR-US: WordPress plugin
CVE-2024-53450 (RAGFlow 0.13.0 suffers from improper access control in document-hooks. ...)
NOT-FOR-US: RAGFlow
@@ -185646,7 +185828,7 @@ CVE-2024-52586 (eLabFTW is an open source electronic lab notebook for research l
NOT-FOR-US: eLabFTW
CVE-2024-52480 (Missing Authorization vulnerability in Astoundify Jobify jobify.This i ...)
NOT-FOR-US: WordPress plugin
-CVE-2024-52391 (Missing Authorization vulnerability in Genetech Pie Register Premium p ...)
+CVE-2024-52391 (Missing Authorization vulnerability in Genetech Pie Register Premium.T ...)
NOT-FOR-US: WordPress plugin
CVE-2024-52385 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
NOT-FOR-US: WordPress plugin
@@ -185721,9 +185903,9 @@ CVE-2023-50884 (Missing Authorization vulnerability in LA-Studio LA-Studio Eleme
NOT-FOR-US: WordPress plugin
CVE-2023-50882 (Missing Authorization vulnerability in properfraction ProfilePress wp- ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-50877 (Missing Authorization vulnerability in WBW Plugins Product Filter by W ...)
+CVE-2023-50877 (Missing Authorization vulnerability in woobewoo Product Filter by WBW ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-50876 (Missing Authorization vulnerability in Molongui Molongui molongui-auth ...)
+CVE-2023-50876 (Missing Authorization vulnerability in Molongui Molongui allows Exploi ...)
NOT-FOR-US: WordPress plugin
CVE-2023-50375 (Missing Authorization vulnerability in edo888 Google Language Translat ...)
NOT-FOR-US: WordPress plugin
@@ -185739,7 +185921,7 @@ CVE-2023-49857 (Missing Authorization vulnerability in awesomesupport Awesome Su
NOT-FOR-US: WordPress plugin
CVE-2023-49856 (Missing Authorization vulnerability in EDGARROJAS Smart Forms smart-fo ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-49851 (Missing Authorization vulnerability in ilmdesigns Square Thumbnails sq ...)
+CVE-2023-49851 (Missing Authorization vulnerability in ILMDESIGNS Square Thumbnails al ...)
NOT-FOR-US: WordPress plugin
CVE-2023-49850 (Missing Authorization vulnerability in Ashish Ajani WP Simple HTML Sit ...)
NOT-FOR-US: WordPress plugin
@@ -185749,15 +185931,15 @@ CVE-2023-49848 (Missing Authorization vulnerability in Marc dooder Sharkdropship
NOT-FOR-US: WordPress plugin
CVE-2023-49845 (Missing Authorization vulnerability in mattdeclaire Redirects redirect ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-49835 (Missing Authorization vulnerability in metaphorcreations Post Duplicat ...)
+CVE-2023-49835 (Missing Authorization vulnerability in Metaphor Creations Post Duplica ...)
NOT-FOR-US: WordPress plugin
CVE-2023-49832 (Missing Authorization vulnerability in Gemini Labs Site Reviews site-r ...)
NOT-FOR-US: WordPress plugin
CVE-2023-49831 (Missing Authorization vulnerability in Metagauss RegistrationMagic cus ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-49818 (Missing Authorization vulnerability in Webflow Webflow Pages webflow-p ...)
+CVE-2023-49818 (Missing Authorization vulnerability in Webflow Webflow Pages allows Ex ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-49817 (Missing Authorization vulnerability in heolixfy Flexible Woocommerce C ...)
+CVE-2023-49817 (Missing Authorization vulnerability in heoLixfy Flexible Woocommerce C ...)
NOT-FOR-US: WordPress plugin
CVE-2023-49758 (Missing Authorization vulnerability in Roland Murg WP Booking System w ...)
NOT-FOR-US: WordPress plugin
@@ -185765,11 +185947,11 @@ CVE-2023-49757 (Missing Authorization vulnerability in awesomesupport Awesome Su
NOT-FOR-US: WordPress plugin
CVE-2023-49756 (Missing Authorization vulnerability in Arraytics Eventin wp-event-solu ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-49755 (Missing Authorization vulnerability in Satinder Singh Elementor Timeli ...)
+CVE-2023-49755 (Missing Authorization vulnerability in B.M. Rafiul Alam Elementor Time ...)
NOT-FOR-US: WordPress plugin
CVE-2023-49754 (Missing Authorization vulnerability in Yogesh Pawar Bulk Edit Post Tit ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-49196 (Missing Authorization vulnerability in Softaculous PageLayer pagelayer ...)
+CVE-2023-49196 (Missing Authorization vulnerability in Pagelayer Team PageLayer allows ...)
NOT-FOR-US: WordPress plugin
CVE-2023-49194 (Insertion of Sensitive Information Into Debugging Code vulnerability i ...)
NOT-FOR-US: WordPress plugin
@@ -185789,7 +185971,7 @@ CVE-2023-48779 (Missing Authorization vulnerability in 3DWeb 360 Javascript View
NOT-FOR-US: WordPress plugin
CVE-2023-48776 (Missing Authorization vulnerability in virtuellwerk canvasio3D Light c ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-48774 (Missing Authorization vulnerability in Northern Beaches Websites IdeaP ...)
+CVE-2023-48774 (Missing Authorization vulnerability in Martin Gibson IdeaPush allows E ...)
NOT-FOR-US: WordPress plugin
CVE-2023-48750 (Missing Authorization vulnerability in voidthemes Void Elementor Post ...)
NOT-FOR-US: WordPress plugin
@@ -185799,15 +185981,15 @@ CVE-2023-48332 (Missing Authorization vulnerability in Varun Sharma Mail Bank -
NOT-FOR-US: WordPress plugin
CVE-2023-48324 (Missing Authorization vulnerability in awesomesupport Awesome Support ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-48287 (Missing Authorization vulnerability in Matat Technologies TextMe SMS t ...)
+CVE-2023-48287 (Missing Authorization vulnerability in Matat Technologies TextMe SMS a ...)
NOT-FOR-US: WordPress plugin
CVE-2023-48286 (Missing Authorization vulnerability in mra13 Stripe Payments stripe-pa ...)
NOT-FOR-US: WordPress plugin
CVE-2023-48277 (Missing Authorization vulnerability in SuperPWA Super Progressive Web ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-48274 (Missing Authorization vulnerability in WcMultishipping - Mondial Relay ...)
+CVE-2023-48274 (Missing Authorization vulnerability in Mondial Relay WooCommerce - WCM ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-47871 (Missing Authorization vulnerability in itpathsolutions Contact Form to ...)
+CVE-2023-47871 (Missing Authorization vulnerability in IT Path Solutions Contact Form ...)
NOT-FOR-US: WordPress plugin
CVE-2023-47869 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
NOT-FOR-US: WordPress plugin
@@ -185815,7 +185997,7 @@ CVE-2023-47849 (Missing Authorization vulnerability in Blossom Themes BlossomThe
NOT-FOR-US: WordPress plugin
CVE-2023-47847 (Missing Authorization vulnerability in PayTR \xd6deme ve Elektronik Pa ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-47841 (Missing Authorization vulnerability in Adnan Analytify wp-analytify al ...)
+CVE-2023-47841 (Missing Authorization vulnerability in Analytify Analytify allows Expl ...)
NOT-FOR-US: WordPress plugin
CVE-2023-47838 (Missing Authorization vulnerability in Jules Colle Conditional Fields ...)
NOT-FOR-US: WordPress plugin
@@ -185823,15 +186005,15 @@ CVE-2023-47836 (Missing Authorization vulnerability in prasadkirpekar WP Meta an
NOT-FOR-US: WordPress plugin
CVE-2023-47832 (Missing Authorization vulnerability in SearchIQ SearchIQ searchiq allo ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-47830 (Missing Authorization vulnerability in GusRuss89 Live Preview for Cont ...)
+CVE-2023-47830 (Missing Authorization vulnerability in Addons for Contact Form 7 Live ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-47826 (Missing Authorization vulnerability in nicheaddons Restaurant & Cafe A ...)
+CVE-2023-47826 (Missing Authorization vulnerability in NicheAddons Restaurant & Cafe A ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-47823 (Missing Authorization vulnerability in Formcrafts FormCraft formcraft- ...)
+CVE-2023-47823 (Missing Authorization vulnerability in nCrafts FormCraft allows Exploi ...)
NOT-FOR-US: WordPress plugin
CVE-2023-47822 (Missing Authorization vulnerability in Sonaar Music MP3 Audio Player f ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-47820 (Missing Authorization vulnerability in CRUDLab WP Like Button wp-like- ...)
+CVE-2023-47820 (Missing Authorization vulnerability in CRUDLab WP Like Button allows E ...)
NOT-FOR-US: WordPress plugin
CVE-2023-47805 (Missing Authorization vulnerability in Arraytics WPCafe wp-cafe allows ...)
NOT-FOR-US: WordPress plugin
@@ -185865,11 +186047,11 @@ CVE-2023-32299 (Missing Authorization vulnerability in Anzar Ahmed Ni WooCommerc
NOT-FOR-US: WordPress plugin
CVE-2023-32293 (Missing Authorization vulnerability in Realwebcare WRC Pricing Tables ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-32126 (Missing Authorization vulnerability in wpoperations SALERT salert allo ...)
+CVE-2023-32126 (Missing Authorization vulnerability in WPoperation SALERT allows Explo ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-32117 (Missing Authorization vulnerability in princeahmed Integrate Google Dr ...)
+CVE-2023-32117 (Missing Authorization vulnerability in SoftLab Integrate Google Drive ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-32094 (Missing Authorization vulnerability in Felix W. Extended Post Status e ...)
+CVE-2023-32094 (Missing Authorization vulnerability in Felix Welberg Extended Post Sta ...)
NOT-FOR-US: WordPress plugin
CVE-2024-12224 (Improper Validation of Unsafe Equivalence in punycode by the idna crat ...)
[experimental] - rust-idna 1.0.3-1
@@ -189981,7 +190163,7 @@ CVE-2024-52473 (Improper Neutralization of Input During Web Page Generation ('Cr
NOT-FOR-US: Sandeep Verma HTML5 Lyrics araoke Player
CVE-2024-52472 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
-CVE-2024-52471 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+CVE-2024-52471 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
NOT-FOR-US: WordPress plugin
CVE-2024-52470 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
@@ -191577,7 +191759,7 @@ CVE-2024-52414 (Deserialization of Untrusted Data vulnerability in Anthony Carbo
NOT-FOR-US: WordPress plugin
CVE-2024-52413 (Deserialization of Untrusted Data vulnerability in dmcwebzone Airin Bl ...)
NOT-FOR-US: WordPress plugin
-CVE-2024-52412 (Deserialization of Untrusted Data vulnerability in Stephen Cui Xin xin ...)
+CVE-2024-52412 (Deserialization of Untrusted Data vulnerability in Stephen Cui Xin all ...)
NOT-FOR-US: WordPress plugin
CVE-2024-52411 (Deserialization of Untrusted Data vulnerability in flowcraft Advanced ...)
NOT-FOR-US: WordPress plugin
@@ -196122,7 +196304,7 @@ CVE-2024-51744 (golang-jwt is a Go implementation of JSON Web Tokens. Unclear do
NOTE: https://github.com/golang-jwt/jwt/commit/7b1c1c00a171c6c79bbdb40e4ce7d197060c1c2c (v4.5.1)
CVE-2024-9147 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
NOT-FOR-US: Bna Informatics PosPratik
-CVE-2024-51685 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+CVE-2024-51685 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
NOT-FOR-US: WordPress plugin
CVE-2024-51683 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
@@ -196559,7 +196741,7 @@ CVE-2024-43968 (Broken Access Control vulnerability in Automattic Newspack allow
NOT-FOR-US: WordPress plugin
CVE-2024-43962 (Missing Authorization vulnerability in LWS LWS Affiliation allows Expl ...)
NOT-FOR-US: WordPress plugin
-CVE-2024-43956 (Missing Authorization vulnerability in Caseproof, LLC MemberPress memb ...)
+CVE-2024-43956 (Missing Authorization vulnerability in Caseproof, LLC Memberpress allo ...)
NOT-FOR-US: WordPress plugin
CVE-2024-43937 (Missing Authorization vulnerability in Themeum WP Crowdfunding allows ...)
NOT-FOR-US: WordPress plugin
@@ -196737,7 +196919,7 @@ CVE-2024-38695 (Missing Authorization vulnerability in Martin Gibson WP GoToWebi
NOT-FOR-US: WordPress plugin
CVE-2024-38690 (Missing Authorization vulnerability in Avirtum iPanorama 360 WordPress ...)
NOT-FOR-US: WordPress plugin
-CVE-2024-37929 (Missing Authorization vulnerability in solwin User Activity Log Pro us ...)
+CVE-2024-37929 (Missing Authorization vulnerability in solwin User Activity Log Pro al ...)
NOT-FOR-US: WordPress plugin
CVE-2024-37926 (Missing Authorization vulnerability in Alex Volkov WP Accessibility He ...)
NOT-FOR-US: WordPress plugin
@@ -197620,7 +197802,7 @@ CVE-2024-49692 (Improper Neutralization of Input During Web Page Generation ('Cr
NOT-FOR-US: WordPress plugin
CVE-2024-49679 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
-CVE-2024-49678 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+CVE-2024-49678 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
NOT-FOR-US: WordPress plugin
CVE-2024-49673 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
@@ -197630,7 +197812,7 @@ CVE-2024-49670 (Improper Neutralization of Input During Web Page Generation ('Cr
NOT-FOR-US: WordPress plugin
CVE-2024-49667 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
-CVE-2024-49665 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+CVE-2024-49665 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
NOT-FOR-US: WordPress plugin
CVE-2024-49664 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
@@ -198212,7 +198394,7 @@ CVE-2024-50483 (Authorization Bypass Through User-Controlled Key vulnerability i
NOT-FOR-US: WordPress plugin
CVE-2024-50479 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin
-CVE-2024-50478 (Authentication Bypass by Primary Weakness vulnerability in swoopbrando ...)
+CVE-2024-50478 (Authentication Bypass by Primary Weakness vulnerability in Swoop 1-Cli ...)
NOT-FOR-US: WordPress plugin
CVE-2024-50477 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
NOT-FOR-US: WordPress plugin
@@ -201946,7 +202128,7 @@ CVE-2024-49292 (Improper Neutralization of Input During Web Page Generation ('Cr
NOT-FOR-US: WordPress plugin
CVE-2024-49291 (Unrestricted Upload of File with Dangerous Type vulnerability in Gora ...)
NOT-FOR-US: WordPress plugin
-CVE-2024-49289 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+CVE-2024-49289 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
NOT-FOR-US: WordPress plugin
CVE-2024-49288 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
@@ -201976,7 +202158,7 @@ CVE-2024-49264 (Improper Neutralization of Input During Web Page Generation ('Cr
NOT-FOR-US: WordPress plugin
CVE-2024-49263 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
-CVE-2024-49262 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+CVE-2024-49262 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
NOT-FOR-US: WordPress plugin
CVE-2024-49261 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
@@ -202054,7 +202236,7 @@ CVE-2024-48024 (Exposure of Sensitive System Information to an Unauthorized Cont
NOT-FOR-US: WordPress plugin
CVE-2024-48023 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
-CVE-2024-48022 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+CVE-2024-48022 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
NOT-FOR-US: WordPress plugin
CVE-2024-48021 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
@@ -202206,7 +202388,7 @@ CVE-2024-49271 (Deserialization of Untrusted Data vulnerability in Unlimited Ele
NOT-FOR-US: WordPress plugin
CVE-2024-49270 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
-CVE-2024-49268 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+CVE-2024-49268 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
NOT-FOR-US: WordPress plugin
CVE-2024-49267 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
@@ -205066,7 +205248,7 @@ CVE-2024-44033 (Improper Neutralization of Input During Web Page Generation ('Cr
NOT-FOR-US: WordPress plugin
CVE-2024-44032 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
-CVE-2024-44029 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+CVE-2024-44029 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
NOT-FOR-US: WordPress plugin
CVE-2024-44028 (Cross-Site Request Forgery (CSRF) vulnerability in nicejob NiceJob nic ...)
NOT-FOR-US: WordPress plugin
@@ -205190,7 +205372,7 @@ CVE-2024-47374 (Improper Neutralization of Input During Web Page Generation ('Cr
NOT-FOR-US: WordPress plugin
CVE-2024-47373 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
-CVE-2024-47372 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+CVE-2024-47372 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
NOT-FOR-US: WordPress plugin
CVE-2024-47371 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
@@ -212638,7 +212820,7 @@ CVE-2024-43957 (Improper Limitation of a Pathname to a Restricted Directory ('Pa
NOT-FOR-US: Wordpress plugin
CVE-2024-43955 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
NOT-FOR-US: Wordpress plugin
-CVE-2024-43954 (Missing Authorization vulnerability in Themeum Droip droip allows Expl ...)
+CVE-2024-43954 (Incorrect Authorization vulnerability in Themeum Droip allows Accessin ...)
NOT-FOR-US: Wordpress plugin
CVE-2024-43953 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: Wordpress plugin
@@ -222471,7 +222653,7 @@ CVE-2024-37459 (Improper Neutralization of Input During Web Page Generation (XSS
NOT-FOR-US: WordPress plugin
CVE-2024-37457 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
NOT-FOR-US: WordPress plugin
-CVE-2024-37449 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+CVE-2024-37449 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
NOT-FOR-US: WordPress plugin
CVE-2024-37447 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
NOT-FOR-US: WordPress plugin
@@ -224323,7 +224505,7 @@ CVE-2024-37927 (Incorrect Privilege Assignment vulnerability in NooTheme Jobmons
NOT-FOR-US: WordPress theme
CVE-2024-37564 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin
-CVE-2024-37560 (Incorrect Privilege Assignment vulnerability in iqbalrony WP User Swit ...)
+CVE-2024-37560 (Improper Privilege Management vulnerability in IqbalRony WP User Switc ...)
NOT-FOR-US: WordPress plugin
CVE-2024-37544 (Missing Authorization vulnerability in Saleswonder Team: Tobias Get Be ...)
NOT-FOR-US: WordPress plugin
@@ -225266,7 +225448,7 @@ CVE-2024-37498 (Exposure of Sensitive Information to an Unauthorized Actor vulne
NOT-FOR-US: WordPress plugin
CVE-2024-37310 (EVerest is an EV charging software stack. An integer overflow in the " ...)
NOT-FOR-US: EVerest
-CVE-2024-37270 (Insertion of Sensitive Information Into Sent Data vulnerability in Tru ...)
+CVE-2024-37270 (Insertion of Sensitive Information into Log File vulnerability in Trus ...)
NOT-FOR-US: WordPress plugin
CVE-2024-37205 (Insertion of Sensitive Information into Log File vulnerability in SERV ...)
NOT-FOR-US: WordPress plugin
@@ -229380,7 +229562,7 @@ CVE-2024-35771 (Cross-Site Request Forgery (CSRF) vulnerability in presscustomiz
NOT-FOR-US: WordPress theme
CVE-2024-35770 (Cross-Site Request Forgery (CSRF) vulnerability in Dave Kiss Vimeograp ...)
NOT-FOR-US: WordPress plugin
-CVE-2024-35769 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+CVE-2024-35769 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
NOT-FOR-US: WordPress plugin
CVE-2024-35768 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
@@ -230280,7 +230462,7 @@ CVE-2024-34993 (In the module "Bulk Export products to Google Merchant-Google Sh
NOT-FOR-US: PrestaShop module
CVE-2024-34444 (Missing Authorization vulnerability in ThemePunch OHG Slider Revolutio ...)
NOT-FOR-US: WordPress plugin
-CVE-2024-34443 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+CVE-2024-34443 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
NOT-FOR-US: WordPress plugin
CVE-2024-32030 (Kafka UI is an Open-Source Web UI for Apache Kafka Management. Kafka U ...)
NOT-FOR-US: Kafka UI
@@ -232047,7 +232229,7 @@ CVE-2023-36504 (Missing Authorization vulnerability in BBS e-Theme BBS e-Popup.T
NOT-FOR-US: WordPress plugin
CVE-2023-35045 (Missing Authorization vulnerability in Fat Rat Fat Rat Collect.This is ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-35040 (Missing Authorization vulnerability in brewlabs SendPress Newsletters ...)
+CVE-2023-35040 (Missing Authorization vulnerability in SendPress SendPress Newsletters ...)
NOT-FOR-US: WordPress plugin
CVE-2024-25142 (Use of Web Browser Cache Containing Sensitive Information vulnerabilit ...)
- airflow <itp> (bug #819700)
@@ -232746,7 +232928,7 @@ CVE-2023-40672 (Missing Authorization vulnerability in Hardik Chavada Sticky Soc
NOT-FOR-US: WordPress plugin
CVE-2023-40603 (Missing Authorization vulnerability in Gangesh Matta Simple Org Chart. ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-40209 (Missing Authorization vulnerability in himalayasaxena Highcompress Ima ...)
+CVE-2023-40209 (Missing Authorization vulnerability in Himalaya Saxena Highcompress Im ...)
NOT-FOR-US: WordPress plugin
CVE-2023-38395 (Missing Authorization vulnerability in Afzal Multani WP Clone Menu.Thi ...)
NOT-FOR-US: WordPress plugin
@@ -250936,7 +251118,7 @@ CVE-2024-1347 (An issue has been discovered in GitLab CE/EE affecting all versio
- gitlab 17.3.5-2
CVE-2023-52220 (Missing Authorization vulnerability in MonsterInsights Google Analytic ...)
NOT-FOR-US: MonsterInsights Google Analytics
-CVE-2023-51484 (Incorrect Privilege Assignment vulnerability in wp-buy Login as User o ...)
+CVE-2023-51484 (Improper Authentication vulnerability in wp-buy Login as User or Custo ...)
NOT-FOR-US: WordPress plugin
CVE-2023-51482 (Improper Authentication vulnerability in EazyPlugins Eazy Plugin Manag ...)
NOT-FOR-US: WordPress plugin
@@ -261526,9 +261708,9 @@ CVE-2024-1232 (The CM Download Manager WordPress plugin before 2.9.0 does not h
NOT-FOR-US: WordPress plugin
CVE-2024-1231 (The CM Download Manager WordPress plugin before 2.9.0 does not have C ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-37886 (Missing Authorization vulnerability in InspiryThemes RealHomes realhom ...)
+CVE-2023-37886 (Missing Authorization vulnerability in InspiryThemes RealHomes.This is ...)
NOT-FOR-US: WordPress theme
-CVE-2023-37885 (Missing Authorization vulnerability in InspiryThemes RealHomes realhom ...)
+CVE-2023-37885 (Missing Authorization vulnerability in InspiryThemes RealHomes.This is ...)
NOT-FOR-US: WordPress theme
CVE-2023-33923 (Missing Authorization vulnerability in HashThemes Viral News, HashThem ...)
NOT-FOR-US: WordPress theme
@@ -263655,7 +263837,7 @@ CVE-2023-51489 (Cross-Site Request Forgery (CSRF) vulnerability in Automattic, I
NOT-FOR-US: WordPress plugin
CVE-2023-51487 (Cross-Site Request Forgery (CSRF) vulnerability in ARI Soft ARI Stream ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-51486 (Cross-Site Request Forgery (CSRF) vulnerability in EDGARROJAS WooComme ...)
+CVE-2023-51486 (Cross-Site Request Forgery (CSRF) vulnerability in RedNao WooCommerce ...)
NOT-FOR-US: WordPress plugin
CVE-2023-51474 (Cross-Site Request Forgery (CSRF) vulnerability in Pixelemu TerraClass ...)
NOT-FOR-US: WordPress plugin
@@ -279652,7 +279834,7 @@ CVE-2023-52201 (Improper Neutralization of Special Elements used in an SQL Comma
NOT-FOR-US: WordPress plugin
CVE-2023-52200 (Cross-Site Request Forgery (CSRF), Deserialization of Untrusted Data v ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-52190 (Insertion of Sensitive Information Into Sent Data vulnerability in WP ...)
+CVE-2023-52190 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
NOT-FOR-US: WordPress plugin
CVE-2023-51701 (fastify-reply-from is a Fastify plugin to forward the current HTTP req ...)
NOT-FOR-US: fastify-reply-from
@@ -289223,7 +289405,7 @@ CVE-2023-47520 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Mi
NOT-FOR-US: WordPress plugin
CVE-2023-47518 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Matthew ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-47517 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+CVE-2023-47517 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in SendPres ...)
NOT-FOR-US: WordPress plugin
CVE-2023-47446 (Pre-School Enrollment version 1.0 is vulnerable to Cross Site Scriptin ...)
NOT-FOR-US: Pre-School Enrollment
@@ -296077,7 +296259,7 @@ CVE-2023-42473 (S/4HANA Manage (Withholding Tax Items) - version 106,does not pe
NOT-FOR-US: SAP
CVE-2023-42189 (Insecure Permissions vulnerability in Connectivity Standards Alliance ...)
NOT-FOR-US: Connectivity Standards Alliance Matter Official SDK
-CVE-2023-41730 (Cross-Site Request Forgery (CSRF) vulnerability in brewlabs SendPress ...)
+CVE-2023-41730 (Cross-Site Request Forgery (CSRF) vulnerability in SendPress Newslette ...)
NOT-FOR-US: WordPress plugin
CVE-2023-41697 (Cross-Site Request Forgery (CSRF) vulnerability in Nikunj Soni Easy WP ...)
NOT-FOR-US: WordPress plugin
@@ -297246,7 +297428,7 @@ CVE-2023-41733 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerabilityin
NOT-FOR-US: WordPress plugin
CVE-2023-41731 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in I Th ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-41729 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+CVE-2023-41729 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Send ...)
NOT-FOR-US: WordPress plugin
CVE-2023-41728 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
@@ -301255,7 +301437,7 @@ CVE-2023-40208 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Al
NOT-FOR-US: WordPress plugin
CVE-2023-40206 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in hwk- ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-40205 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+CVE-2023-40205 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Pixelgra ...)
NOT-FOR-US: WordPress plugin
CVE-2023-40197 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
@@ -306965,7 +307147,7 @@ CVE-2023-36502 (Improper Neutralization of Input During Web Page Generation ('Cr
NOT-FOR-US: WordPress plugin
CVE-2023-36501 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Michael ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-36385 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+CVE-2023-36385 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in wpxpo Po ...)
NOT-FOR-US: WordPress plugin
CVE-2023-35982 (There are buffer overflow vulnerabilities in multiple underlying servi ...)
NOT-FOR-US: Aruba
@@ -309066,7 +309248,7 @@ CVE-2023-35297 (Windows Pragmatic General Multicast (PGM) Remote Code Execution
NOT-FOR-US: Microsoft
CVE-2023-35296 (Microsoft PostScript and PCL6 Class Printer Driver Information Disclos ...)
NOT-FOR-US: Microsoft
-CVE-2023-35091 (Cross-Site Request Forgery (CSRF) vulnerability in storeapps Stock Man ...)
+CVE-2023-35091 (Cross-Site Request Forgery (CSRF) vulnerability in StoreApps Stock Man ...)
NOT-FOR-US: WooCommerce addon
CVE-2023-35047 (Cross-Site Request Forgery (CSRF) vulnerability in AREOI All Bootstrap ...)
NOT-FOR-US: WordPress plugin
@@ -316934,7 +317116,7 @@ CVE-2023-31080 (Missing Authorization vulnerability in Unlimited Elements Unlimi
NOT-FOR-US: WordPress plugin
CVE-2023-31079 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-31078 (Cross-Site Request Forgery (CSRF) vulnerability in MacSteini WP Browse ...)
+CVE-2023-31078 (Cross-Site Request Forgery (CSRF) vulnerability in Marco Steinbrecher ...)
NOT-FOR-US: WordPress plugin
CVE-2023-31077 (Cross-Site Request Forgery (CSRF) vulnerability in ReCorp Export WP Pa ...)
NOT-FOR-US: WordPress plugin
@@ -317514,15 +317696,15 @@ CVE-2023-30876 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
NOT-FOR-US: WordPress plugin
CVE-2023-30875 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in All ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-30874 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+CVE-2023-30874 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Stev ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-30873 (Missing Authorization vulnerability in Fahad Mahmood WP Docs wp-docs a ...)
+CVE-2023-30873 (Missing Authorization vulnerability in Fahad Mahmood WP Docs allows Ex ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30872 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30871 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in PT Woo P ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-30870 (Missing Authorization vulnerability in Marc dooder Sharkdropship for A ...)
+CVE-2023-30870 (Missing Authorization vulnerability in wooproductimporter Sharkdropshi ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30869 (Improper Authentication vulnerability in Easy Digital Downloads plugin ...)
NOT-FOR-US: WordPress plugin
@@ -319025,7 +319207,7 @@ CVE-2023-30492 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerabi
NOT-FOR-US: WordPress plugin
CVE-2023-30491 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in CodeBard ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-30490 (Missing Authorization vulnerability in MatthewRuddy Easing Slider eas ...)
+CVE-2023-30490 (Missing Authorization vulnerability in Matthew Ruddy Easing Slider al ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30489 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirte ...)
NOT-FOR-US: WordPress plugin
@@ -319033,7 +319215,7 @@ CVE-2023-30488 (Missing Authorization vulnerability in WP OnlineSupport, Essenti
NOT-FOR-US: WordPress plugin
CVE-2023-30487 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ThimPres ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-30486 (Missing Authorization vulnerability in hashthemes Square square allows ...)
+CVE-2023-30486 (Missing Authorization vulnerability in HashThemes Square allows Exploi ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30485 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Solwin I ...)
NOT-FOR-US: WordPress plugin
@@ -319053,7 +319235,7 @@ CVE-2023-30478 (Cross-Site Request Forgery (CSRF) vulnerability in Tribulant New
NOT-FOR-US: WordPress plugin
CVE-2023-30477 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Essi ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-30476 (Missing Authorization vulnerability in sparklewpthemes Blogger Buzz bl ...)
+CVE-2023-30476 (Missing Authorization vulnerability in Sparkle Themes Blogger Buzz all ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30475 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Elliot S ...)
NOT-FOR-US: WordPress plugin
@@ -321623,15 +321805,15 @@ CVE-2023-29435 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerabi
NOT-FOR-US: WordPress plugin
CVE-2023-29434 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Fanc ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-29433 (Missing Authorization vulnerability in carsonxu tencentcloud-cos tence ...)
+CVE-2023-29433 (Missing Authorization vulnerability in \u817e\u8baf\u4e91 tencentcloud ...)
NOT-FOR-US: WordPress plugin
CVE-2023-29432 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-29431 (Missing Authorization vulnerability in Amir Helzer qTranslate X Cleanu ...)
+CVE-2023-29431 (Missing Authorization vulnerability in OntheGoSystems qTranslate X Cle ...)
NOT-FOR-US: WordPress plugin
CVE-2023-29430 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in CTHtheme ...)
NOT-FOR-US: WordPress theme
-CVE-2023-29429 (Missing Authorization vulnerability in wpeverest User Registration use ...)
+CVE-2023-29429 (Missing Authorization vulnerability in WPEverest User Registration all ...)
NOT-FOR-US: WordPress plugin
CVE-2023-29428 (Cross-Site Request Forgery (CSRF) vulnerability in SuPlugins Superb So ...)
NOT-FOR-US: WordPress plugin
@@ -321645,7 +321827,7 @@ CVE-2023-29424 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
NOT-FOR-US: WordPress plugin
CVE-2023-29423 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI W ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-29422 (Missing Authorization vulnerability in alexacrm Dynamics 365 Integrati ...)
+CVE-2023-29422 (Missing Authorization vulnerability in AlexaCRM Dynamics 365 Integrati ...)
NOT-FOR-US: WordPress plugin
CVE-2023-1916 (A flaw was found in tiffcrop, a program distributed by the libtiff pac ...)
- tiff 4.7.0-1 (unimportant)
@@ -322384,7 +322566,7 @@ CVE-2023-29237 (Missing Authorization vulnerability in Muhammad Rehman Remove Du
NOT-FOR-US: WordPress plugin
CVE-2023-29236 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Cththeme ...)
NOT-FOR-US: WordPress theme
-CVE-2023-29235 (Cross-Site Request Forgery (CSRF) vulnerability in Fugu Design Mainten ...)
+CVE-2023-29235 (Cross-Site Request Forgery (CSRF) vulnerability in Fugu Maintenance Sw ...)
NOT-FOR-US: WordPress plugin
CVE-2023-29234 (A deserialization vulnerability existed when decode amalicious package ...)
NOT-FOR-US: Apache Dubbo
@@ -322632,7 +322814,7 @@ CVE-2023-29175 (An improper certificate validation vulnerability [CWE-295] in Fo
NOT-FOR-US: FortiGuard
CVE-2023-29174 (Missing Authorization vulnerability in NervyThemes SKU Label Changer F ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-29173 (Missing Authorization vulnerability in AwesomeTOGI Product Category Tr ...)
+CVE-2023-29173 (Missing Authorization vulnerability in AWESOME TOGI Product Category T ...)
NOT-FOR-US: WordPress plugin
CVE-2023-29172 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Property ...)
NOT-FOR-US: WordPress plugin
@@ -323235,7 +323417,7 @@ CVE-2023-28992 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in El
NOT-FOR-US: WordPress plugin
CVE-2023-28991 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI W ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-28990 (Missing Authorization vulnerability in hashthemes Viral Mag viral-mag ...)
+CVE-2023-28990 (Missing Authorization vulnerability in HashThemes Viral Mag allows Exp ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28989 (Cross-Site Request Forgery (CSRF) vulnerability in weDevs Happy Addons ...)
NOT-FOR-US: WordPress plugin
@@ -324385,7 +324567,7 @@ CVE-2023-28691
RESERVED
CVE-2023-28690 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Marc ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-28689 (Missing Authorization vulnerability in JoomSky JS Job Manager js-jobs ...)
+CVE-2023-28689 (Missing Authorization vulnerability in JoomSky JS Job Manager allows E ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28688 (Cross-Site Request Forgery (CSRF) vulnerability in ThemeHunk TH Variat ...)
NOT-FOR-US: WordPress plugin
@@ -324614,7 +324796,7 @@ CVE-2023-28621 (Improper Neutralization of Input During Web Page Generation ('Cr
NOT-FOR-US: WordPress theme
CVE-2023-28620 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Cybe ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-28619 (Missing Authorization vulnerability in bnayawpguy Resoto resoto allows ...)
+CVE-2023-28619 (Missing Authorization vulnerability in bnayawpguy Resoto allows Exploi ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2023-28618 (Cross-Site Request Forgery (CSRF) vulnerability in Marios Alexandrou E ...)
NOT-FOR-US: WordPress plugin
@@ -324931,15 +325113,15 @@ CVE-2023-28538 (Memory corruption in WIN Product while invoking WinAcpi update d
NOT-FOR-US: Qualcomm
CVE-2023-28537 (Memory corruption while allocating memory in COmxApeDec module in Audi ...)
NOT-FOR-US: Qualcomm
-CVE-2023-28536 (Missing Authorization vulnerability in Acato Branded Social Images bra ...)
+CVE-2023-28536 (Missing Authorization vulnerability in Acato Branded Social Images all ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28535 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Paytm Pa ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-28534 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+CVE-2023-28534 (Auth. (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability in ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28533 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in M Wi ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-28532 (Missing Authorization vulnerability in listingthemes Real Estate Direc ...)
+CVE-2023-28532 (Missing Authorization vulnerability in wpdirectorykit.com Real Estate ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28531 (ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without ...)
- openssh 1:9.3p1-1 (bug #1033166)
@@ -325390,9 +325572,9 @@ CVE-2023-28419 (Cross-Site Request Forgery (CSRF) vulnerability in Stranger Stud
NOT-FOR-US: WordPress plugin
CVE-2023-28418 (Auth. (subscriber+) Reflected Cross-Site Scripting (XSS) vulnerability ...)
NOT-FOR-US: WordPress theme
-CVE-2023-28417 (Missing Authorization vulnerability in alexacrm Dynamics 365 Integrati ...)
+CVE-2023-28417 (Missing Authorization vulnerability in AlexaCRM Dynamics 365 Integrati ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-28416 (Missing Authorization vulnerability in sparklewpthemes Chankhe chankhe ...)
+CVE-2023-28416 (Missing Authorization vulnerability in Sparkle Themes Chankhe allows E ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28415 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Xoot ...)
NOT-FOR-US: WordPress plugin
@@ -326240,13 +326422,13 @@ CVE-2023-28170 (Unrestricted Upload of File with Dangerous Type vulnerability in
NOT-FOR-US: WordPress plugin
CVE-2023-28169 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Core ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-28168 (Missing Authorization vulnerability in sant0sk1 WordPress Console word ...)
+CVE-2023-28168 (Missing Authorization vulnerability in Jerod Santo WordPress Console a ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28167 (Cross-Site Request Forgery (CSRF) vulnerability in Vsourz Digital CF7 ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28166 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Aakif Ka ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-28165 (Missing Authorization vulnerability in Varun Sharma Backup Bank: WordP ...)
+CVE-2023-28165 (Missing Authorization vulnerability in Tech Banker Backup Bank: WordPr ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28164 (Dragging a URL from a cross-origin iframe that was removed during the ...)
{DSA-5375-1 DSA-5374-1 DLA-3365-1 DLA-3364-1}
@@ -328063,7 +328245,7 @@ CVE-2023-27627 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in eg
NOT-FOR-US: WordPress plugin
CVE-2023-27626 (Missing Authorization vulnerability in Aleksandar Uro\u0161evi\u0107 S ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-27625 (Missing Authorization vulnerability in Gemini Labs Site Reviews site-r ...)
+CVE-2023-27625 (Missing Authorization vulnerability in Paul Ryley Site Reviews allows ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27624 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Marc ...)
NOT-FOR-US: WordPress plugin
@@ -328095,7 +328277,7 @@ CVE-2023-27611 (Cross-Site Request Forgery (CSRF) vulnerability in audrasjb Reus
NOT-FOR-US: WordPress plugin
CVE-2023-27610 (Auth. (admin+) SQL Injection (SQLi) vulnerability in TransbankDevelope ...)
NOT-FOR-US: TransbankDevelopers Transbank Webpay
-CVE-2023-27609 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+CVE-2023-27609 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27608 (Missing Authorization vulnerability in WP Swings Points and Rewards fo ...)
NOT-FOR-US: WordPress plugin
@@ -328632,11 +328814,11 @@ CVE-2023-27458 (Cross-Site Request Forgery (CSRF) vulnerability in wpstream WpSt
NOT-FOR-US: WordPress plugin
CVE-2023-27457 (Cross-Site Request Forgery (CSRF) vulnerability in Passionate Brains A ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-27456 (Missing Authorization vulnerability in hashthemes Total total allows E ...)
+CVE-2023-27456 (Missing Authorization vulnerability in HashThemes Total allows Exploit ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27455 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Maui Mar ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-27454 (Missing Authorization vulnerability in apollo13themes Rife Elementor E ...)
+CVE-2023-27454 (Missing Authorization vulnerability in Apollo13Themes Rife Elementor E ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27453 (Cross-Site Request Forgery (CSRF) vulnerability in LWS LWS Tools plugi ...)
NOT-FOR-US: WordPress plugin
@@ -328646,7 +328828,7 @@ CVE-2023-27451 (Server-Side Request Forgery (SSRF) vulnerability in Darren Coone
NOT-FOR-US: WordPress plugin
CVE-2023-27450 (Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Teplitsa of ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-27449 (Missing Authorization vulnerability in TotalSuite Total Poll Lite tota ...)
+CVE-2023-27449 (Missing Authorization vulnerability in TotalSuite Total Poll Lite allo ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27448 (Cross-Site Request Forgery (CSRF) vulnerability in MakeStories Team Ma ...)
NOT-FOR-US: WordPress plugin
@@ -328688,7 +328870,7 @@ CVE-2023-27430 (Cross-Site Request Forgery (CSRF) vulnerability in Ramon Fincken
NOT-FOR-US: WordPress plugin
CVE-2023-27429 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Auto ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-27428 (Missing Authorization vulnerability in DamirCalusic WP users media wp- ...)
+CVE-2023-27428 (Missing Authorization vulnerability in Damir Calusic WP users media al ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27427 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in NTZA ...)
NOT-FOR-US: WordPress plugin
@@ -330970,7 +331152,7 @@ CVE-2023-26524 (Cross-Site Request Forgery (CSRF) vulnerability in ExpressTech Q
NOT-FOR-US: WordPress plugin
CVE-2023-26523 (Missing Authorization vulnerability in CodePeople Calculated Fields Fo ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-26522 (Missing Authorization vulnerability in OneWebsite WP Repost wp-repost ...)
+CVE-2023-26522 (Missing Authorization vulnerability in OneWebsite WP Repost allows Exp ...)
NOT-FOR-US: WordPress plugin
CVE-2023-26521 (Missing Authorization vulnerability in CodePeople Search in Place allo ...)
NOT-FOR-US: WordPress plugin
@@ -332582,7 +332764,7 @@ CVE-2023-26004
RESERVED
CVE-2023-26003 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-26002 (Missing Authorization vulnerability in 6Storage 6Storage Rentals 6stor ...)
+CVE-2023-26002 (Missing Authorization vulnerability in 6Storage 6Storage Rentals allow ...)
NOT-FOR-US: WordPress plugin
CVE-2023-26001 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
@@ -332600,7 +332782,7 @@ CVE-2023-25995 (Improper Control of Filename for Include/Require Statement in PH
NOT-FOR-US: WordPress plugin
CVE-2023-25994 (Cross-Site Request Forgery (CSRF) vulnerability in Alex Benfica Publis ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-25993 (Missing Authorization vulnerability in Ajay Top 10 top-10 allows Explo ...)
+CVE-2023-25993 (Missing Authorization vulnerability in WebberZone Top 10 allows Exploi ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25992 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Crea ...)
NOT-FOR-US: WordPress plugin
@@ -332610,7 +332792,7 @@ CVE-2023-25990 (Improper Neutralization of Special Elements used in an SQL Comma
NOT-FOR-US: WordPress plugin
CVE-2023-25989 (Cross-Site Request Forgery (CSRF) vulnerability in Meks Video Importer ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-25988 (Missing Authorization vulnerability in totalsoft Video Gallery \u2013 ...)
+CVE-2023-25988 (Missing Authorization vulnerability in Video Gallery by Total-Soft Vid ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25987 (Cross-Site Request Forgery (CSRF) vulnerability in Aleksandar Uro\u016 ...)
NOT-FOR-US: WordPress plugin
@@ -332654,7 +332836,7 @@ CVE-2023-25968 (Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs, M
NOT-FOR-US: WordPress plugin
CVE-2023-25967 (Cross-Site Request Forgery (CSRF) vulnerability in PeepSo Community by ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-25966 (Missing Authorization vulnerability in Ninja Team Filebird filebird al ...)
+CVE-2023-25966 (Missing Authorization vulnerability in Ninja Team Filebird allows Expl ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25965 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
NOT-FOR-US: WordPress plugin
@@ -332668,7 +332850,7 @@ CVE-2023-25961 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ca
NOT-FOR-US: WordPress plugin
CVE-2023-25960 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-25959 (Missing Authorization vulnerability in apollo13themes Apollo13 Framewo ...)
+CVE-2023-25959 (Missing Authorization vulnerability in Apollo13Themes Apollo13 Framewo ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25958 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Just ...)
NOT-FOR-US: WordPress plugin
@@ -333137,7 +333319,7 @@ CVE-2023-25793 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
NOT-FOR-US: WordPress plugin
CVE-2023-25792 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Xiao ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-25791 (Missing Authorization vulnerability in caduspro Fontiran fontiran allo ...)
+CVE-2023-25791 (Missing Authorization vulnerability in Cadus Pro Fontiran allows Explo ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25790 (Improper Authentication, Improper Neutralization of Input During Web P ...)
NOT-FOR-US: WordPress plugin
@@ -333510,7 +333692,7 @@ CVE-2023-25716 (Auth (admin+) Stored Cross-Site Scripting (XSS) vulnerability in
NOT-FOR-US: WordPress plugin
CVE-2023-25715 (Missing Authorization vulnerability in GamiPress GamiPress \u2013 The ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-25714 (Missing Authorization vulnerability in fullworks Quick Paypal Payments ...)
+CVE-2023-25714 (Missing Authorization vulnerability in Fullworks Quick Paypal Payments ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25713 (Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Q ...)
NOT-FOR-US: WordPress plugin
@@ -334602,7 +334784,7 @@ CVE-2023-25488 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
NOT-FOR-US: WordPress plugin
CVE-2023-25487 (Cross-Site Request Forgery (CSRF) vulnerability in Pixelgrade PixTypes ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-25486 (Missing Authorization vulnerability in migrate Clone wp-clone-by-wp-ac ...)
+CVE-2023-25486 (Missing Authorization vulnerability in Migrate Clone allows Exploiting ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25485 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Bern ...)
NOT-FOR-US: WordPress plugin
@@ -334684,7 +334866,7 @@ CVE-2023-25447 (Cross-Site Request Forgery (CSRF) vulnerability in Inkthemescom
NOT-FOR-US: WordPress theme
CVE-2023-25446 (Missing Authorization vulnerability in HappyFiles HappyFiles Pro happy ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2023-25445 (Missing Authorization vulnerability in HappyFiles HappyFiles Pro happy ...)
+CVE-2023-25445 (Missing Authorization vulnerability in HappyFiles HappyFiles Pro allow ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2023-25444 (Unrestricted Upload of File with Dangerous Type vulnerability in JS He ...)
NOT-FOR-US: WordPress plugin
@@ -335632,9 +335814,9 @@ CVE-2013-10016 (A vulnerability was found in fanzila WebFinance 0.5 and classifi
NOT-FOR-US: fanzila WebFinance
CVE-2013-10015 (A vulnerability has been found in fanzila WebFinance 0.5 and classifie ...)
NOT-FOR-US: fanzila WebFinance
-CVE-2023-25068 (Missing Authorization vulnerability in Mapro Collins Magazine Edge mag ...)
+CVE-2023-25068 (Missing Authorization vulnerability in Mapro Collins Magazine Edge all ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2023-25067 (Missing Authorization vulnerability in Noah Hearle We\u2019re Open! op ...)
+CVE-2023-25067 (Missing Authorization vulnerability in Noah Hearle, Design Extreme We\ ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25066 (Cross-Site Request Forgery (CSRF) vulnerability in FolioVision FV Flow ...)
NOT-FOR-US: FolioVision
@@ -335694,11 +335876,11 @@ CVE-2023-25039 (Missing Authorization vulnerability in CodePeople Google Maps CP
NOT-FOR-US: WordPress plugin
CVE-2023-25038 (Cross-Site Request Forgery (CSRF) vulnerability in 984.Ru For the visu ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-25037 (Missing Authorization vulnerability in codepeople Booking Calendar Con ...)
+CVE-2023-25037 (Missing Authorization vulnerability in CodePeople Booking Calendar Con ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25036 (Cross-Site Request Forgery (CSRF) vulnerability in akhlesh-nagar, a.An ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-25035 (Missing Authorization vulnerability in Saad Iqbal Quick Contact Form q ...)
+CVE-2023-25035 (Missing Authorization vulnerability in Fullworks Quick Contact Form a ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25034 (Cross-Site Request Forgery (CSRF) vulnerability in BoLiQuan WP Clean U ...)
NOT-FOR-US: WordPress plugin
@@ -335716,7 +335898,7 @@ CVE-2023-25028 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
NOT-FOR-US: WordPress plugin
CVE-2023-25027 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kibo ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-25026 (Missing Authorization vulnerability in Ot\xe1vio Augusto PayPal Brasil ...)
+CVE-2023-25026 (Missing Authorization vulnerability in PayPal PayPal Brasil para WooCo ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25025 (Cross-Site Request Forgery (CSRF) vulnerability in Chetan Gole WP-Copy ...)
NOT-FOR-US: WordPress plugin
@@ -337793,7 +337975,7 @@ CVE-2023-24409 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I
NOT-FOR-US: WordPress plugin
CVE-2023-24408 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-24407 (Missing Authorization vulnerability in wpdevart Booking calendar, Appo ...)
+CVE-2023-24407 (Missing Authorization vulnerability in WpDevArt Booking calendar, Appo ...)
NOT-FOR-US: WordPress plugin
CVE-2023-24406 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mune ...)
NOT-FOR-US: WordPress plugin
@@ -338803,13 +338985,13 @@ CVE-2023-23991 (Improper Neutralization of Special Elements used in an SQL Comma
NOT-FOR-US: WordPress plugin
CVE-2023-23990 (Improper Privilege Management vulnerability in Qube One Ltd. Redirecti ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-23989 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
+CVE-2023-23989 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23988 (Missing Authorization vulnerability in Joseph C Dolson My Tickets.This ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-23987 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+CVE-2023-23987 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPEv ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-23986 (Missing Authorization vulnerability in Noah Hearle Reviews and Rating ...)
+CVE-2023-23986 (Missing Authorization vulnerability in Noah Hearle, Design Extreme Rev ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23985 (Missing Authorization vulnerability in Quiz Maker team Quiz Maker.This ...)
NOT-FOR-US: WordPress plugin
@@ -338831,7 +339013,7 @@ CVE-2023-23977 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerabi
NOT-FOR-US: WordPress plugin
CVE-2023-23976 (Incorrect Default Permissions vulnerability in Metagauss RegistrationM ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-23975 (Missing Authorization vulnerability in brightvesseldev Quick Event Man ...)
+CVE-2023-23975 (Missing Authorization vulnerability in Fullworks Quick Event Manager a ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23974 (Cross-Site Request Forgery (CSRF) vulnerability in Fullworks Quick Eve ...)
NOT-FOR-US: WordPress plugin
@@ -339099,11 +339281,11 @@ CVE-2023-23897 (Cross-Site Request Forgery (CSRF) vulnerability in Ozette Plugin
NOT-FOR-US: WordPress plugin
CVE-2023-23896 (Missing Authorization vulnerability in MyThemeShop URL Shortener by My ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-23895 (Missing Authorization vulnerability in codepeople WP Time Slots Bookin ...)
+CVE-2023-23895 (Missing Authorization vulnerability in CodePeople WP Time Slots Bookin ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23894 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-23893 (Missing Authorization vulnerability in Igor Benic Simple Giveaways giv ...)
+CVE-2023-23893 (Missing Authorization vulnerability in Igor Benic Simple Giveaways all ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23892 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
@@ -339115,9 +339297,9 @@ CVE-2023-23889 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerabi
NOT-FOR-US: WordPress plugin
CVE-2023-23888 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-23887 (Missing Authorization vulnerability in Shahjada Easy Google Analytics ...)
+CVE-2023-23887 (Missing Authorization vulnerability in Shaon Easy Google Analytics for ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-23886 (Missing Authorization vulnerability in mg12 WP-RecentComments wp-recen ...)
+CVE-2023-23886 (Missing Authorization vulnerability in mg12 WP-RecentComments allows E ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23885 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
@@ -339279,7 +339461,7 @@ CVE-2015-10071 (A vulnerability was found in gitter-badger ezpublish-modern-lega
NOT-FOR-US: gitter-badger ezpublish-modern-legacy
CVE-2023-23835 (A vulnerability has been identified in Mendix Applications using Mendi ...)
NOT-FOR-US: Siemens
-CVE-2023-23834 (Missing Authorization vulnerability in Brainstorm Force Spectra ultima ...)
+CVE-2023-23834 (Missing Authorization vulnerability in Brainstorm Force Spectra allows ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23833 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Steve ...)
NOT-FOR-US: WordPress plugin
@@ -339297,11 +339479,11 @@ CVE-2023-23827 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in
NOT-FOR-US: WordPress plugin
CVE-2023-23826 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-23825 (Missing Authorization vulnerability in Brainstorm Force Spectra ultima ...)
+CVE-2023-23825 (Missing Authorization vulnerability in Brainstorm Force Spectra allows ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23824 (Auth. SQL Injection (SQLi) vulnerability inWP-TopBar<= 5.36 versions.)
NOT-FOR-US: WordPress plugin
-CVE-2023-23823 (Missing Authorization vulnerability in cl272 Enhanced Text Widget enha ...)
+CVE-2023-23823 (Missing Authorization vulnerability in Clever Widgets Enhanced Text Wi ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23822 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ludw ...)
NOT-FOR-US: WordPress plugin
@@ -339319,7 +339501,7 @@ CVE-2023-23816 (Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Tward
NOT-FOR-US: WordPress plugin
CVE-2023-23815 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-23814 (Missing Authorization vulnerability in codepeople CP Multi View Event ...)
+CVE-2023-23814 (Missing Authorization vulnerability in CodePeople CP Multi View Event ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23813 (Cross-Site Request Forgery (CSRF) vulnerability in Joseph C Dolson My ...)
NOT-FOR-US: WordPress plugin
@@ -339645,15 +339827,15 @@ CVE-2023-23731 (Cross-Site Request Forgery (CSRF) vulnerability in HasTheme Wish
NOT-FOR-US: WordPress plugin
CVE-2023-23730 (Improper Restriction of Excessive Authentication Attempts vulnerabilit ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-23729 (Missing Authorization vulnerability in Brainstorm Force Spectra ultima ...)
+CVE-2023-23729 (Missing Authorization vulnerability in Brainstorm Force Spectra allows ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2023-23728 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Winwa ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23727 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Form ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-23726 (Cross-Site Request Forgery (CSRF) vulnerability in Tickera Tickera tic ...)
+CVE-2023-23726 (Cross-Site Request Forgery (CSRF) vulnerability in Tickera.com Tickera ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-23725 (Missing Authorization vulnerability in Chris Baldelomar Shortcodes wc- ...)
+CVE-2023-23725 (Missing Authorization vulnerability in Chris Baldelomar Shortcodes all ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23724 (Cross-Site Request Forgery (CSRF) vulnerability in Winwar Media WP Ema ...)
NOT-FOR-US: WordPress plugin
@@ -339671,9 +339853,9 @@ CVE-2023-23718 (Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Essta
NOT-FOR-US: Esstat17
CVE-2023-23717 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Georg ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-23716 (Missing Authorization vulnerability in zendesk_official Zendesk Suppor ...)
+CVE-2023-23716 (Missing Authorization vulnerability in Zendesk Zendesk Support for Wor ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-23715 (Missing Authorization vulnerability in Ultimate Member JobBoardWP \u20 ...)
+CVE-2023-23715 (Missing Authorization vulnerability in JobBoardWP JobBoardWP \u2013 Jo ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23714 (Cross-Site Request Forgery (CSRF) vulnerability in Uncanny Owl Uncanny ...)
NOT-FOR-US: WordPress plugin
@@ -343121,7 +343303,7 @@ CVE-2023-22710 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ch
NOT-FOR-US: WordPress plugin
CVE-2023-22709 (Cross-Site Request Forgery (CSRF) vulnerability in Atif N SRS Simple H ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-22708 (Missing Authorization vulnerability in karim79 Kraken.io Image Optimiz ...)
+CVE-2023-22708 (Missing Authorization vulnerability in Karim Salman Kraken.io Image Op ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22707 (Auth. (author+) Cross-Site Scripting (XSS) vulnerability in Wpsoul Gre ...)
NOT-FOR-US: WordPress plugin
@@ -343135,7 +343317,7 @@ CVE-2023-22703 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in We
NOT-FOR-US: WordPress plugin
CVE-2023-22702 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in WPMob ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-22701 (Missing Authorization vulnerability in motov.net Ebook Store ebook-sto ...)
+CVE-2023-22701 (Missing Authorization vulnerability in Shopfiles Ltd Ebook Store allow ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22700 (Cross-Site Request Forgery (CSRF) vulnerability in PixelYourSite Pixel ...)
NOT-FOR-US: PixelYourSite
@@ -343143,7 +343325,7 @@ CVE-2023-22699 (Missing Authorization vulnerability in MainWP MainWP Wordfence E
NOT-FOR-US: WordPress plugin
CVE-2023-22698 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Jason ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-22697 (Missing Authorization vulnerability in Ays Pro Survey Maker survey-mak ...)
+CVE-2023-22697 (Missing Authorization vulnerability in Survey Maker team Survey Maker ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22696 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
@@ -346404,7 +346586,7 @@ CVE-2022-47603 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in wp
NOT-FOR-US: WordPress plugin
CVE-2022-47602 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
-CVE-2022-47601 (Missing Authorization vulnerability in JoomUnited WP Table Manager wp- ...)
+CVE-2022-47601 (Missing Authorization vulnerability in JoomUnited WP Table Manager all ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47600 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirte ...)
NOT-FOR-US: WordPress plugin
@@ -349085,7 +349267,7 @@ CVE-2022-47184 (Exposure of Sensitive Information to an Unauthorized Actor vulne
NOTE: https://github.com/apache/trafficserver/commit/b49ae063632b1f40b9bd45aa66524924e2c26600 (8.1.7)
CVE-2022-47183 (Cross-Site Request Forgery (CSRF) vulnerability in StylistWP Extra Blo ...)
NOT-FOR-US: WordPress plugin
-CVE-2022-47182 (Missing Authorization vulnerability in Saad Iqbal APIExperts Square fo ...)
+CVE-2022-47182 (Missing Authorization vulnerability in Wpexpertsio APIExperts Square f ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47181 (Cross-Site Request Forgery (CSRF) vulnerability in wpexpertsio Email T ...)
NOT-FOR-US: WordPress plugin
@@ -349097,7 +349279,7 @@ CVE-2022-47178 (Cross-Site Request Forgery (CSRF) vulnerability in Simple Share
NOT-FOR-US: WordPress plugin
CVE-2022-47177 (Cross-Site Request Forgery (CSRF) vulnerability in WP Easy Pay WP Easy ...)
NOT-FOR-US: WordPress plugin
-CVE-2022-47176 (Missing Authorization vulnerability in averta Depicter Slider depicter ...)
+CVE-2022-47176 (Missing Authorization vulnerability in Depicter Slider and Popup by Av ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47175 (Cross-Site Request Forgery (CSRF) vulnerability in P Royal Royal Eleme ...)
NOT-FOR-US: WordPress plugin
@@ -350051,11 +350233,11 @@ CVE-2022-46842 (Cross-Site Request Forgery (CSRF) vulnerability inJS Help Desk p
NOT-FOR-US: WordPress plugin
CVE-2022-46841 (Cross-Site Request Forgery (CSRF) vulnerability in Soflyy Oxygen Build ...)
NOT-FOR-US: WordPress plugin
-CVE-2022-46840 (Missing Authorization vulnerability in JoomSky JS Help Desk js-support ...)
+CVE-2022-46840 (Missing Authorization vulnerability in JS Help Desk JS Help Desk \u201 ...)
NOT-FOR-US: WordPress plugin
CVE-2022-46839 (Unrestricted Upload of File with Dangerous Type vulnerability in JS He ...)
NOT-FOR-US: WordPress plugin
-CVE-2022-46838 (Missing Authorization vulnerability in JoomSky JS Help Desk js-support ...)
+CVE-2022-46838 (Missing Authorization vulnerability in JS Help Desk JS Help Desk \u201 ...)
NOT-FOR-US: WordPress plugin
CVE-2022-4391 (The Vision Interactive For WordPress plugin through 1.5.3 does not san ...)
NOT-FOR-US: WordPress plugin
@@ -350172,7 +350354,7 @@ CVE-2022-46813 (Cross-Site Request Forgery (CSRF) vulnerability in Younes JFR. A
NOT-FOR-US: WordPress plugin
CVE-2022-46812 (Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Thank Yo ...)
NOT-FOR-US: WordPress plugin
-CVE-2022-46811 (Missing Authorization vulnerability in VillaTheme ALD \u2013 Dropshipp ...)
+CVE-2022-46811 (Missing Authorization vulnerability in VillaTheme(villatheme.com) ALD ...)
NOT-FOR-US: WordPress plugin
CVE-2022-46810 (Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Thank Yo ...)
NOT-FOR-US: WordPress plugin
@@ -350180,7 +350362,7 @@ CVE-2022-46809 (Improper Neutralization of Formula Elements in a CSV File vulner
NOT-FOR-US: WordPress plugin
CVE-2022-46808 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin
-CVE-2022-46807 (Missing Authorization vulnerability in WP Trio Stock Sync for WooComme ...)
+CVE-2022-46807 (Missing Authorization vulnerability in Lauri Karisola / WP Trio Stock ...)
NOT-FOR-US: WordPress plugin
CVE-2022-46806 (Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Cart All ...)
NOT-FOR-US: WordPress plugin
@@ -350202,9 +350384,9 @@ CVE-2022-46798 (Cross-Site Request Forgery (CSRF) vulnerability in HasThemes Sho
NOT-FOR-US: WordPress plugin
CVE-2022-46797 (Cross-Site Request Forgery (CSRF) vulnerability in Conversios All-in-o ...)
NOT-FOR-US: WordPress plugin
-CVE-2022-46796 (Missing Authorization vulnerability in VillaTheme CURCY woo-multi-curr ...)
+CVE-2022-46796 (Missing Authorization vulnerability in VillaTheme CURCY allows Exploit ...)
NOT-FOR-US: WordPress plugin
-CVE-2022-46795 (Missing Authorization vulnerability in tychesoftwares Print Invoice & ...)
+CVE-2022-46795 (Missing Authorization vulnerability in Tyche Softwares Print Invoice & ...)
NOT-FOR-US: WordPress plugin
CVE-2022-46794 (Cross-Site Request Forgery (CSRF) vulnerability in weightbasedshipping ...)
NOT-FOR-US: WordPress plugin
@@ -353290,7 +353472,7 @@ CVE-2022-45843 (Auth. (contributor+) Stored Cross-Site Scripting vulnerability i
NOT-FOR-US: WordPress plugin
CVE-2022-45842 (Unauth. Race Condition vulnerability inWP ULike Plugin <= 4.6.4 onWord ...)
NOT-FOR-US: WordPress plugin
-CVE-2022-45841 (Missing Authorization vulnerability in robosoft Robo Gallery robo-gall ...)
+CVE-2022-45841 (Missing Authorization vulnerability in RoboSoft Robo Gallery allows Ex ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45840 (Missing Authorization vulnerability in Lucian Apostol Auto Affiliate L ...)
NOT-FOR-US: WordPress plugin
@@ -353308,7 +353490,7 @@ CVE-2022-45834
RESERVED
CVE-2022-45833 (Auth. Path Traversal vulnerability in Easy WP SMTP plugin <= 1.5.1 on ...)
NOT-FOR-US: WordPress plugin
-CVE-2022-45832 (Missing Authorization vulnerability in Hennessey Digital Attorney atto ...)
+CVE-2022-45832 (Missing Authorization vulnerability in Hennessey Digital Attorney.This ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45831 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in biplob01 ...)
NOT-FOR-US: WordPress plugin
@@ -353334,7 +353516,7 @@ CVE-2022-45821 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerabi
NOT-FOR-US: WordPress plugin
CVE-2022-45820 (SQL Injection (SQLi) vulnerability inLearnPress \u2013 WordPress LMS P ...)
NOT-FOR-US: WordPress plugin
-CVE-2022-45819 (Missing Authorization vulnerability in Daniel Iser Popup Maker popup-m ...)
+CVE-2022-45819 (Missing Authorization vulnerability in Popup Maker Popup Maker allows ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45818 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
@@ -353360,7 +353542,7 @@ CVE-2022-45808 (SQL Injection vulnerability inLearnPress \u2013 WordPress LMS Pl
NOT-FOR-US: WordPress plugin
CVE-2022-45807 (Cross-Site Request Forgery (CSRF) inWPVibes WP Mail Log plugin <= 1.0. ...)
NOT-FOR-US: WordPress plugin
-CVE-2022-45806 (Missing Authorization vulnerability in Strategy11 Team Formidable Form ...)
+CVE-2022-45806 (Missing Authorization vulnerability in Strategy11 Form Builder Team Fo ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45805 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin
@@ -358226,7 +358408,7 @@ CVE-2022-44580 (SQL Injection (SQLi) vulnerability in RichPlugins Plugin for Goo
NOT-FOR-US: WordPress plugin
CVE-2022-44579
RESERVED
-CVE-2022-44578 (Missing Authorization vulnerability in pjehan Owl Carousel owl-carouse ...)
+CVE-2022-44578 (Missing Authorization vulnerability in Pierre JEHAN Owl Carousel allow ...)
NOT-FOR-US: WordPress plugin
CVE-2022-44577
REJECTED
@@ -362766,7 +362948,7 @@ CVE-2022-43479 (Open redirect vulnerability in SHIRASAGI v1.14.4 to v1.15.0 allo
NOT-FOR-US: SHIRASAGI
CVE-2022-43476 (Missing Authorization vulnerability in Daniel S\xf6derstr\xf6m / Sidne ...)
NOT-FOR-US: WordPress plugin
-CVE-2022-43472 (Missing Authorization vulnerability in DigitalME eRoom eroom-zoom-meet ...)
+CVE-2022-43472 (Missing Authorization vulnerability in StylemixThemes eRoom \u2013 Zoo ...)
NOT-FOR-US: WordPress plugin
CVE-2022-43471
RESERVED
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ec73d5ff390ab51f7ecc73dab1d984b53fb2900
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ec73d5ff390ab51f7ecc73dab1d984b53fb2900
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260428/d29060a4/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list