| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Unauthenticated Broken Access Control in WPC Product Bundles for WooCommerce <= 8.5.3 versions. |
| Unauthenticated Broken Access Control in Booking Package <= 1.7.06 versions. |
| Unauthenticated Broken Access Control in wpForo Forum < 3.0.2 versions. |
| Sales Representative Arbitrary File Deletion in Groundhogg <= 4.4 versions. |
| Contributor Privilege Escalation in B Blocks <= 2.0.31 versions. |
| Subscriber Arbitrary File Upload in WpStream < 4.11.2 versions. |
| Unauthenticated Cross Site Scripting (XSS) in Paid Member Subscriptions <= 2.17.3 versions. |
| Unauthenticated SQL Injection in Form Maker by 10Web <= 1.15.38 versions. |
| Author Arbitrary File Download in Download Monitor <= 5.1.9 versions. |
| Author PHP Object Injection in ShortPixel Image Optimizer <= 6.4.3 versions. |
| Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 1.0.0 to before version 2.2.0, the getRedirectURL function in oauth2.go:22-29 constructs the OAuth2 callback URL by concatenating the request's Host header with a fixed path, with zero validation of the Host header. This can result in host header injection. This issue has been patched in version 2.2.0. |
| Subscriber Broken Authentication in FunnelKit Automations <= 3.7.3 versions. |
| Unauthenticated Cross Site Scripting (XSS) in WooCommerce Product Table Lite <= 4.6.3 versions. |
| Unauthenticated Broken Access Control in Simple Membership <= 4.7.1 versions. |
| Unauthenticated Broken Access Control in User Registration <= 5.1.2 versions. |
| Unauthenticated Cross Site Scripting (XSS) in iRobots.txt SEO <= 1.1.2 versions. |
| A signed integer overflow vulnerability was found in GStreamer's VMnc decoder. A crafted VMnc stream with large cursor dimensions can overflow signed integer payload-size arithmetic, bypassing a length check and leading to out-of-bounds reads. A remote attacker could trick a user into opening a specially crafted VMnc file, potentially causing a crash or information disclosure. |
| Metacat is data repository software that helps researchers preserve, share, and discover data. Versions 2.0.0 and and above contain an unauthenticated SQL injection in the /harvesterRegistration endpoint. HarvesterRegistration.dbInsert() builds an INSERT against HARVEST_SITE_SCHEDULE via string concatenation, using a quoteString() helper that performs raw single-quote wrapping without escaping. Three request parameters reach the sink: unit, contactEmail, and documentListURL. The servlet does not verify a real LDAP identity. Allowing the vulnerable insert to proceed. Since the PostgreSQL backend permits stacked queries via Statement.executeUpdate(), this vulnerability allows full read/write/execute access in the Metacat database context. The vulnerability was remediated in Metacat 3.0.0. |
| Subscriber Sensitive Data Exposure in XCloner <= 4.8.6 versions. |
| WordPress appointment-booking-calendar 1.1.24 contains multiple privilege escalation vulnerabilities that allow unauthenticated attackers to modify calendar settings and inject persistent cross-site scripting payloads through the admin.php page parameters. Attackers can inject malicious JavaScript into the 'ict' and 'ics' options or the calendar 'name' parameter via GET requests to execute arbitrary scripts when the calendar is displayed or accessed in the administration interface. |
