CVE-2021-24867
Numerous Plugins and Themes from the AccessPress Themes (aka Access Keys) vendor are backdoored due to their website being compromised. Only plugins and themes downloaded...
CVE-2021-24921
The Advanced Database Cleaner WordPress plugin before 3.0.4 does not sanitise and escape $_GET keys and values before outputting them back in attributes, leading to...
CVE-2021-25055
The FeedWordPress plugin before 2022.0123 is affected by a Reflected Cross-Site Scripting (XSS) within the "visibility" parameter. Read More
CVE-2021-25057
The Translation Exchange WordPress plugin through 1.0.14 was vulnerable to Authenticated Stored Cross-Site Scripting (XSS) within the Project Key text field found in the plugin's...
CVE-2021-25058
The Buffer Button WordPress plugin through 1.0 was vulnerable to Authenticated Stored Cross Site Scripting (XSS) within the Twitter username to mention text field. Read...
CVE-2021-25060
The Five Star Business Profile and Schema WordPress plugin before 2.1.7 does not have any authorisation and CSRF in its bpfwp_welcome_add_contact_page and bpfwp_welcome_set_contact_information AJAX action,...
CVE-2021-25069
The Download Manager WordPress plugin before 3.2.34 does not sanitise and escape the package_ids parameter before using it in a SQL statement, leading to a...
CVE-2021-25075
The Duplicate Page or Post WordPress plugin before 1.5.1 does not have any authorisation and has a flawed CSRF check in the wpdevart_duplicate_post_parametrs_save_in_db AJAX action,...
libxml2-2.9.13-1.fc34
FEDORA-2022-050c712ed7 Packages in this update: libxml2-2.9.13-1.fc34 Update description: Update to 2.9.13 Fix CVE-2022-23308 Read More
mingw-expat-2.4.6-1.fc35
FEDORA-2022-3d9d67f558 Packages in this update: mingw-expat-2.4.6-1.fc35 Update description: Update to expat-2.4.6, see https://github.com/libexpat/libexpat/blob/R_2_4_6/expat/Changes for details. Read More