CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.07)
The Advanced Import plugin for WordPress is vulnerable to Server-Side Request Forgery (SSRF) in all versions up to and including 1.4.6. The issue arises from the lack of validation of the user-supplied URL in the demo_download_and_unzip() function, allowing requests to be sent to internal network resources.
The Appointment Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting (XSS) via custom booking field labels in all versions up to and including 1.4.4 due to insufficient input sanitization and output escaping.
Versions of the package ts-deepmerge before 8.0.0 are vulnerable to Uncaught Exception due to the improper handling of built-in Object.prototype methods (such as toString, valueOf). When user-controlled input contains these keys with non-function values, the resulting merged object becomes broken, leading to TypeError crashes.
The Blocksy Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to and including 2.1.45 due to insufficient input sanitization and output escaping.
The BetterDocs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the blockId attribute of the Gutenberg block in versions up to 4.5.3. This is due to insufficient input sanitization and output escaping in the CategorySlateLayout::render() method.
The Bit integrations – Form Integration, Webhook, Spreadsheets, CRM, LMS & Email Automation plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to and including 2.8.7. This allows unauthenticated attackers to make web requests to arbitrary locations, enabling access to internal services.
A vulnerability has been identified in armeria-xds versions 1.38.0 through 1.39.0, where DataSourceStream in the xDS module can resolve control-plane-supplied filenames and environment variables without restriction.
The Classified Listing – Classified ads & Business Directory plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 5.4.2. This is due to a missing capability/ownership check on the gallery_image_update_as_feature AJAX handler, allowing authenticated attackers to change the featured image of arbitrary listings they do not own.
Canonical MicroCeph versions from the squid and tentacle track are vulnerable to a path traversal issue in the remote-import API. Holders of a trusted cluster mTLS certificate or join token can manipulate files in an imported remote cluster.
The WP DSGVO Tools (GDPR) plugin for WordPress is vulnerable to authorization bypass in all versions up to and including 3.1.39. This is due to the plugin not properly verifying that a user is authorized to perform an action, allowing unauthenticated attackers to process SAR requests using any victim email address.
The User Admin Simplifier plugin for WordPress is vulnerable to Cross-Site Request Forgery (CSRF) in all versions up to and including 3.0.0. This is due to missing or incorrect nonce validation on the useradminsimplifier_options_page function, allowing unauthenticated attackers to reset and permanently delete users' menu and admin-bar configurations.
An attacker within BLE communication range can monopolize the device's only available BLE connection slot, preventing legitimate users or applications from establishing a connection.
An attacker within BLE communication range can passively intercept wireless traffic and obtain sensitive health-related information, including glucose measurement values.
SQL injection vulnerability in pgAdmin 4's named restore point endpoint (POST /browser/server/restore_point/{gid}/{sid}). The user-supplied 'value' field was interpolated directly into the SQL string with str.format() instead of being passed as a bound parameter, allowing an authenticated pgAdmin user with a connected PostgreSQL session to inject additional statements through that endpoint.
Open redirect vulnerability in pgAdmin 4's multi-factor authentication flow. The MFA validate and register endpoints honored the user-supplied 'next' parameter without confirming the target points back to pgAdmin, allowing an authenticated user to be redirected to an external attacker-controlled host.
PraisonAI before 1.5.115 contains an information disclosure vulnerability in the MultiAgentLedger component that allows attackers to access sensitive data by registering agents with duplicate IDs. The lack of agent ID uniqueness enforcement enables sharing ledger instances and exposing system prompts and conversation history between agents.
PraisonAI versions before 1.5.128 cache tool approval decisions based only on tool name, not invocation arguments, allowing subsequent execute_command calls to bypass approval prompts.
phpMyFAQ is an open source FAQ web application. Versions prior to 4.1.4 have Missing Authorization in the API CategoryController, allowing unauthorized operations on four API endpoints.
Hashgraph Guardian up to version 3.6.0 contains a stored cross-site scripting (XSS) vulnerability that allows authenticated users with the STANDARD_REGISTRY role to inject malicious scripts by submitting a crafted companyName value via the branding configuration API.
In OpenEXR versions 3.4.0 through 3.4.11, a heap-buffer-overflow READ vulnerability exists in the ht_undo_impl() function of the HTJ2K decoder. The issue arises from missing validation of the OpenJPH line buffer size against the declared EXR channel width, leading to deterministic crashes (DoS) and potential adjacent heap leak.

