ProudMuBai GoFilm FileController.go SingleUpload unrestricted upload

ProudMuBai GoFilm ProudMuBai GoFilm

opsre go-ldap-admin JWT docker-compose.yaml hard-coded key

opsre go-ldap-admin

Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI <= 3.40.1 - Authenticated (Contributor+) SQL Injection

stevejburge Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI taxopress taxopress

Fluent Booking – The Ultimate Appointments Scheduling, Events Booking, Events Calendar Solution <= 1.9.11 - Authenticated (Subscriber+) Missing Authorization to Calendar Import and Management

techjewel Fluent Booking – The Ultimate Appointments Scheduling, Events Booking, Events Calendar Solution

Autoptimize <= 3.1.13 - Authenticated (Contributor+) Stored Cross-Site Scripting

optimizingmatters Autoptimize

WP Directory Kit <= 1.4.4 - Authentication Bypass to Privilege Escalation via Account Takeover

listingthemes WP Directory Kit wpdirectorykit wp_directory_kit

Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI <= 3.40.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Taxonomy Term Manipulation

stevejburge Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI taxopress taxopress

HUSKY – Products Filter Professional for WooCommerce <= 1.3.7.2 - Authenticated (Subscriber+) Insecure Direct Object Reference via 'woof_add_query/woof_remove_query'

realmag777 HUSKY – Products Filter Professional for WooCommerce

ShopEngine <= 4.8.5 - Cross-Site Request Forgery to Wishlist Manipulation

roxnor ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution

Frontend Admin by DynamiApps <= 3.28.20 - Unauthenticated Arbitrary Options Update

shabti Frontend Admin by DynamiApps

Post SMTP – Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App <= 3.6.1 - Missing Authorization to Authenticated (Subscriber+) OAuth Token Update

saadiqbal Post SMTP – Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App

Livestatus Injection in dynmaps

Nagvis Nagvis nagvis nagvis

Webkit: webkitgtk: remote user-assisted information disclosure via file drag-and-drop

The WebKitGTK Team webkitgtk Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support +16个

Missing authorization in BlazeMeter Jenkins Plugin

Perforce BlazeMeter

Abrt: command-injection in abrt leading to local privilege escalation

Red Hat Red Hat Enterprise Linux 6 Red Hat Red Hat Enterprise Linux 7 +1个

Protection Mechanism Failure vulnerability in ESTsoft ALZip on Windows allows SmartScreen bypass.Thi...

ESTsoft ALZip

Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark

Wireshark Foundation Wireshark wireshark wireshark

Improperly Controlled Sequential Memory Allocation in Wireshark

Wireshark Foundation Wireshark wireshark wireshark

Advanced Custom Fields: Extended 0.9.0.5 - 0.9.1.1 - Unauthenticated Remote Code Execution in prepare_form

hwk-fr Advanced Custom Fields: Extended

Timetable and Event Schedule by MotoPress < 2.4.16 - Contributor+ Event Disclosure via IDOR

Unknown Timetable and Event Schedule by MotoPress