Alerts

Privilege escalation vulnerability has been found in Wondershare Dr.Fone version 13.5.21. This vulnerability could allow an attacker to escalate privileges by replacing the binary...

The VR-Frases (collect & share quotes) plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via several parameters in all versions up to, and including, 3.0.1 due to insufficient...

The VR-Frases (collect & share quotes) plugin for WordPress is vulnerable to SQL Injection via several parameters in all versions up to, and including, 3.0.1 due to insufficient escaping on the...

Dell NetWorker, version(s) prior to 19.11.0.3, all versions of 19.10 & prior versions contain(s) an Unquoted Search Path or Element vulnerability. A low privileged attacker with local access could...

A vulnerability in the NetExtender Windows client log export function allows unauthorized access to sensitive Windows system files, potentially leading to privilege escalation.

The Simple:Press Forum plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in all versions up to, and including, 6.10.11 due to insufficient input...

The Clinked Client Portal plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'clinked-login-button' shortcode in all versions up to, and including,...

The The Contact Form & SMTP Plugin for WordPress by PirateForms plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.6.0. This is due to the...

The WP Image Uploader plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'file' parameter in all versions up to, and including, 1.0.1 due to insufficient input...

An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker to show subscription's information of others users by...