A vulnerability was found in Youzify Plugin up to 1.3.2 on WordPress. It has been declared as problematic. Affected by this vulnerability is the function delete_user_review/delete_review. The manipulation leads to missing authorization.
This vulnerabi…
A vulnerability was found in ibsofts Boom Fest Plugin up to 2.2.1 on WordPress. It has been classified as problematic. Affected is the function bf_admin_action of the component Setting Handler. The manipulation leads to missing authorization.
This vul…
A vulnerability was found in nmedia GoHero Store Customizer for WooCommerce Plugin up to 3.5 on WordPress and classified as problematic. This issue affects the function wooh_action_settings_save_frontend of the component Setting Handler. The manipulati…
Recently I noticed oam_tools which gives the ability to have Amass results as a list of domains, is removed! Its github page is totally removed! and I’ve spent some time searching for its replacement but there is none.
How to have amass r…
A vulnerability has been found in Flexmls IDX Plugin up to 3.14.26 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation of the argument api_key/api_secret leads to cross site scripting.
This vulnerabili…
A vulnerability, which was classified as problematic, was found in skyverge Custom Product Tabs Lite for WooCommerce Plugin up to 1.9.0 on WordPress. This affects an unknown part. The manipulation of the argument frs_woo_product_tabs leads to deseriali…
A vulnerability, which was classified as critical, has been found in plethoraplugins Plethora Plugins Tabs and Accordions Plugin up to 1.1.8 on WordPress. Affected by this issue is some unknown functionality. The manipulation of the argument anchor lea…
A vulnerability classified as critical was found in ThemeREX Addons Plugin up to 2.33.0 on WordPress. Affected by this vulnerability is the function trx_sc_reviews of the component Shortcode Handler. The manipulation of the argument type leads to improper control of filename for include/require statement in php program (‘php remote file inclusion’).
This vulnerability is known as CVE-2025-0682. The attack can be launched remotely. There is no exploit available.
A vulnerability classified as critical has been found in SunGrow WiNet up to 200.001.00.P027. Affected is an unknown function of the component MQTT Message Handler. The manipulation leads to stack-based buffer overflow.
This vulnerability is traded as…
A vulnerability was found in SunGrow WiNet up to 200.001.00.P027. It has been rated as critical. This issue affects some unknown processing of the component MQTT Message Handler. The manipulation leads to stack-based buffer overflow.
The identificatio…
