Tausch Ticket Script CVEs and Security Vulnerabilities

Search

Expected end of text, found '.' (at char 18), (line:1, col:19)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (329883 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-22349	1 Wordpress	1 Wordpress	2026-01-26	5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in linux4me2 Menu In Post menu-in-post allows DOM-Based XSS.This issue affects Menu In Post: from n/a through <= 1.4.1.
CVE-2026-22353	1 Wordpress	1 Wordpress	2026-01-26	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in winkm89 teachPress teachpress allows Stored XSS.This issue affects teachPress: from n/a through <= 9.0.12.
CVE-2026-22462	1 Wordpress	1 Wordpress	2026-01-26	N/A
Cross-Site Request Forgery (CSRF) vulnerability in richardevcom Add Polylang support for Customizer add-polylang-support-for-customizer allows Cross Site Request Forgery.This issue affects Add Polylang support for Customizer: from n/a through <= 1.4.5.
CVE-2026-22463	2 Micro.company, Wordpress	2 Form To Chat App, Wordpress	2026-01-26	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Micro.company Form to Chat App form-to-chat allows Stored XSS.This issue affects Form to Chat App: from n/a through <= 1.2.5.
CVE-2025-69042	1 Wordpress	1 Wordpress	2026-01-26	N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in goalthemes Lindo lindo allows PHP Local File Inclusion.This issue affects Lindo: from n/a through <= 1.2.5.
CVE-2025-69044	1 Wordpress	1 Wordpress	2026-01-26	N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in goalthemes Vango vango allows PHP Local File Inclusion.This issue affects Vango: from n/a through <= 1.3.3.
CVE-2026-20613	1 Apple	2 Container, Containerization	2026-01-26	7.8 High
The ArchiveReader.extractContents() function used by cctl image load and container image load performs no pathname validation before extracting an archive member. This means that a carelessly or maliciously constructed archive can extract a file into any user-writable location on the system using relative pathnames. This issue is addressed in container 0.8.0 and containerization 0.21.0.
CVE-2025-68609	1 Palantir	1 Aries	2026-01-26	6.6 Medium
A vulnerability in Palantir's Aries service allowed unauthenticated access to log viewing and management functionality on Apollo instances using default configuration. The defect resulted in both authentication and authorization checks being bypassed, potentially allowing any network-accessible client to view system logs and perform operations without valid credentials. No evidence of exploitation was identified during the vulnerability window.
CVE-2025-69060	1 Wordpress	1 Wordpress	2026-01-26	N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes uReach ureach allows PHP Local File Inclusion.This issue affects uReach: from n/a through <= 1.3.3.
CVE-2025-69066	1 Wordpress	1 Wordpress	2026-01-26	N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Indoor Plants indoor-plants allows PHP Local File Inclusion.This issue affects Indoor Plants: from n/a through <= 1.2.7.
CVE-2025-69070	1 Wordpress	1 Wordpress	2026-01-26	N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Tornados tornados allows PHP Local File Inclusion.This issue affects Tornados: from n/a through <= 2.1.
CVE-2025-69075	1 Wordpress	1 Wordpress	2026-01-26	N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Yolox yolox allows PHP Local File Inclusion.This issue affects Yolox: from n/a through <= 1.0.15.
CVE-2025-69187	2 E-plugins, Wordpress	2 Final User, Wordpress	2026-01-26	N/A
Missing Authorization vulnerability in e-plugins Final User final-user allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Final User: from n/a through <= 1.2.5.
CVE-2025-9289	1 Tp-link	2 Omada Controller, Omada Software Controller	2026-01-26	N/A
A Cross-Site Scripting (XSS) vulnerability was identified in a parameter in Omada Controllers due to improper input sanitization. Exploitation requires advanced conditions, such as network positioning or emulating a trusted entity, and user interaction by an authenticated administrator. If successful, an attacker could execute arbitrary JavaScript in the administrator’s browser, potentially exposing sensitive information and compromising confidentiality.
CVE-2026-20883	1 Gitea	1 Gitea	2026-01-26	6.5 Medium
Gitea's stopwatch API does not re-validate repository access permissions. After a user's access to a private repository is revoked, they may still view issue titles and repository names through previously started stopwatches.
CVE-2025-69317	2 Scriptsbundle, Wordpress	2 Carspot, Wordpress	2026-01-26	6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in scriptsbundle CarSpot carspot allows Reflected XSS.This issue affects CarSpot: from n/a through < 2.4.6.
CVE-2026-22278	1 Dell	1 Powerscale Onefs	2026-01-26	8.1 High
Dell PowerScale OneFS versions prior to 9.13.0.0 contains an improper restriction of excessive authentication attempts vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.
CVE-2026-22348	1 Wordpress	1 Wordpress	2026-01-26	N/A
Missing Authorization vulnerability in Tasos Fel Civic Cookie Control civic-cookie-control-8 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Civic Cookie Control: from n/a through <= 1.53.
CVE-2026-22382	2 Mikado-themes, Wordpress	2 Pawfriends - Pet Shop And Veterinary Wordpress Theme, Wordpress	2026-01-26	N/A
Cross-Site Request Forgery (CSRF) vulnerability in Mikado-Themes PawFriends - Pet Shop and Veterinary WordPress Theme pawfriends allows Cross Site Request Forgery.This issue affects PawFriends - Pet Shop and Veterinary WordPress Theme: from n/a through <= 1.3.
CVE-2026-22407	2 Mikado-themes, Wordpress	2 Roam, Wordpress	2026-01-26	N/A
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Roam roam allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Roam: from n/a through <= 2.1.1.

« first previous Page 85 of 16495. next last »