Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that targets Apple macOS …
xdg-desktop-portal-hyprland (aka an XDG Desktop Portal backend for Hyprland) before 1.3.3 allows OS command execution, e.g., because single …
The ParityPress – Parity Pricing with Discount Rules plugin for WordPress is vulnerable to Stored Cross-Site Scripting via ‘Discount …
The Master Currency WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s currencyconverterform shortcode …
The Ultimate WordPress Auction Plugin plugin for WordPress is vulnerable to unauthorized email creation and sending due to a missing …
The Intelligence plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.4.0. This is due the …
The Aramex Shipping WooCommerce plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.1.21. …
The Admin Post Navigation plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.1. This is due …
The Add Admin JavaScript plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.0. This is due …
The Add Admin CSS plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.0.1. This is due to …
The One Click Close Comments plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.7.1. This …
The Admin Trim Interface plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.5.1. This is …
●●●
NVD
EXPLOITS
SECURELIST