Unauthenticated Broken Access Control in MetForm Pro <= 3.9.1 versions.
Subscriber Broken Access Control in MetForm Pro <= 3.9.1 versions.
Subscriber Broken Access Control in WishList Member X <= 3.29.0 versions.
Unauthenticated Broken Access Control in WordPress Dating Theme <= 11.2.0 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in WordPress Dating Theme <= 11.2.0 versions.
Unauthenticated SQL Injection in WPJobster <= 6.3.5 versions.
Unauthenticated Cross Site Scripting (XSS) in WPJobster <= 6.3.5 versions.
Unauthenticated Local File Inclusion in EcoBlue <= 1.15 versions.
Subscriber SQL Injection in WooCommerce Frontend Manager โ Ultimate < 6.7.7 versions.
Subscriber Arbitrary File Download in Woocommerce Book Price <= 1.3 versions.
Unauthenticated SQL Injection in Tutor LMS Pro <= 3.9.6 versions.
Unauthenticated Local File Inclusion in AutoParts <= 1.5.8 versions.
Unauthenticated Local File Inclusion in Right Way <= 4.0 versions.
Unauthenticated Cross Site Scripting (XSS) in Skillate <= 1.2.10 versions.
Unauthenticated Cross Site Scripting (XSS) in Auto Repair <= 22.6 versions.
Subscriber Arbitrary File Upload in Restaurt <= 1.0.4 versions.
Unauthenticated Local File Inclusion in Reprizo <= 1.0.8 versions.
Unauthenticated Local File Inclusion in Promo <= 1.3.0 versions.
A flaw was found in vLLM, an open-source library for large language model inference. This vulnerability arises from improper handling of image metadata, specifically EXIF orientation and PNG transparency (tRNS) data, during image processing. When images are converted to RGB, transparency information...
Uninitialized Use in GPU in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)