|
4621
|
5.4 |
MEDIUM
Network
|
-
|
-
|
The Minify HTML plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.12. This is due to missing or incorrect nonce validation on the 'minify_html…
|
CWE-352
Origin Validation Error
|
CVE-2026-3191
|
2026-04-25 03:11 |
2026-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4622
|
7.2 |
HIGH
Network
|
-
|
-
|
The Query Monitor – The developer tools panel for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘$_SERVER['REQUEST_URI']’ parameter in all versions up to, and…
|
CWE-79
Cross-site Scripting
|
CVE-2026-4267
|
2026-04-25 03:11 |
2026-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4623
|
7.5 |
HIGH
Network
|
apache
|
log4j
|
Apache Log4j Core's Rfc5424Layout https://logging.apache.org/log4j/2.x/manual/layouts.html#RFC5424Layout , in versions 2.21.0 through 2.25.3, is vulnerable to log injection via CRLF sequences due to…
|
CWE-117
CWE-684
Improper Output Neutralization for Logs
Incorrect Provision of Specified Functionality
|
CVE-2026-34478
|
2026-04-25 03:10 |
2026-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4624
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
can: usb: f81604: correctly anchor the urb in the read bulk callback
When submitting an urb, that is using the anchor pattern, it…
|
NVD-CWE-noinfo
|
CVE-2026-23347
|
2026-04-25 03:10 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4625
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:
can: usb: f81604: anclar correctamente el urb en la devolución de llamada de lectura masiva
Al enviar un urb, que está usando el…
|
NVD-CWE-noinfo
|
CVE-2026-23347
|
2026-04-25 03:10 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4626
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
cxl: Fix race of nvdimm_bus object when creating nvdimm objects
Found issue during running of cxl-translate.sh unit test. Adding …
|
CWE-362
Race Condition
|
CVE-2026-23348
|
2026-04-25 03:08 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4627
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:
cxl: Corrige la condición de carrera del objeto nvdimm_bus al crear objetos nvdimm
Se encontró el problema durante la ejecución …
|
CWE-362
Race Condition
|
CVE-2026-23348
|
2026-04-25 03:08 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4628
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Extend Themes Kubio AI Page Builder allows Stored XSS.This issue affects Kubio AI Page Builder: f…
|
CWE-79
Cross-site Scripting
|
CVE-2026-34887
|
2026-04-25 03:08 |
2026-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4629
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Neutralización Incorrecta de la Entrada Durante la Generación de Páginas Web ('cross-site scripting') vulnerabilidad en Extend Themes Kubio AI Page Builder permite XSS Almacenado. Este problema afect…
|
CWE-79
Cross-site Scripting
|
CVE-2026-34887
|
2026-04-25 03:08 |
2026-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4630
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force Ultimate Addons for WPBakery Page Builder allows DOM-Based XSS.This issue affect…
|
CWE-79
Cross-site Scripting
|
CVE-2026-34889
|
2026-04-25 03:08 |
2026-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
