home.social

#cyber-security β€” Public Fediverse posts

Live and recent posts from across the Fediverse tagged #cyber-security, aggregated by home.social.

fetched live
  1. Gay & Lesbian Community Services Center Reported Data Breach Affecting Approximately 75,532 Individuals

    The Gay & Lesbian Community Services Center of Orange County reported a data breach affecting 75,532 individuals after unauthorized access to its network between December 25 and December 26, 2025. The Inc Ransom group claimed responsibility, and the exposed data may include personal and medical information. The organization is offering complimentary identity protection services.

    ****
    #cybersecurity #infosec #incident #databreach
    beyondmachines.net/event_detai

  2. Gay & Lesbian Community Services Center Reported Data Breach Affecting Approximately 75,532 Individuals

    The Gay & Lesbian Community Services Center of Orange County reported a data breach affecting 75,532 individuals after unauthorized access to its network between December 25 and December 26, 2025. The Inc Ransom group claimed responsibility, and the exposed data may include personal and medical information. The organization is offering complimentary identity protection services.

    ****
    #cybersecurity #infosec #incident #databreach
    beyondmachines.net/event_detai

  3. 🚨 EUVD-2026-43443

    πŸ“Š Score: 7.1/10 (CVSS v3.1)
    πŸ“¦ Product: Themify Builder
    🏒 Vendor: themifyme
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themifyme Themify Builder themify-builder allows Reflected XSS.This issue affects Themify Builder: from n/a through <= 7.7.4.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  4. 🚨 EUVD-2026-43443

    πŸ“Š Score: 7.1/10 (CVSS v3.1)
    πŸ“¦ Product: Themify Builder
    🏒 Vendor: themifyme
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themifyme Themify Builder themify-builder allows Reflected XSS.This issue affects Themify Builder: from n/a through <= 7.7.4.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  5. 🚨 EUVD-2026-43445

    πŸ“Š Score: 6.5/10 (CVSS v3.1)
    πŸ“¦ Product: reCAPTCHA (v2 &amp; v3) for Asgaros Forum
    🏒 Vendor: Hitesh Chandwani
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hitesh Chandwani reCAPTCHA (v2 &amp; v3) for Asgaros Forum recaptcha-for-asgaros-forum allows DOM-Based XSS.This ...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  6. 🚨 EUVD-2026-43445

    πŸ“Š Score: 6.5/10 (CVSS v3.1)
    πŸ“¦ Product: reCAPTCHA (v2 &amp; v3) for Asgaros Forum
    🏒 Vendor: Hitesh Chandwani
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hitesh Chandwani reCAPTCHA (v2 &amp; v3) for Asgaros Forum recaptcha-for-asgaros-forum allows DOM-Based XSS.This ...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  7. 🚨 EUVD-2026-43446

    πŸ“Š Score: 7.1/10 (CVSS v3.1)
    πŸ“¦ Product: Chatbot
    🏒 Vendor: QuantumCloud
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuantumCloud ChatBot chatbot allows Stored XSS.This issue affects ChatBot: from n/a through <= 8.3.7.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  8. 🚨 EUVD-2026-43446

    πŸ“Š Score: 7.1/10 (CVSS v3.1)
    πŸ“¦ Product: Chatbot
    🏒 Vendor: QuantumCloud
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuantumCloud ChatBot chatbot allows Stored XSS.This issue affects ChatBot: from n/a through <= 8.3.7.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  9. 🚨 EUVD-2026-43447

    πŸ“Š Score: 8.8/10 (CVSS v3.1)
    πŸ“¦ Product: WPJAM Basic
    🏒 Vendor: Denishua
    πŸ“… Updated: 2026-07-13

    πŸ“ Deserialization of Untrusted Data vulnerability in denishua WPJAM Basic wpjam-basic allows Object Injection.This issue affects WPJAM Basic: from n/a through <= 7.0.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  10. 🚨 EUVD-2026-43447

    πŸ“Š Score: 8.8/10 (CVSS v3.1)
    πŸ“¦ Product: WPJAM Basic
    🏒 Vendor: Denishua
    πŸ“… Updated: 2026-07-13

    πŸ“ Deserialization of Untrusted Data vulnerability in denishua WPJAM Basic wpjam-basic allows Object Injection.This issue affects WPJAM Basic: from n/a through <= 7.0.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  11. 🚨 EUVD-2026-43448

    πŸ“Š Score: 7.2/10 (CVSS v3.1)
    πŸ“¦ Product: WPJAM Basic
    🏒 Vendor: Denishua
    πŸ“… Updated: 2026-07-13

    πŸ“ Server-Side Request Forgery (SSRF) vulnerability in denishua WPJAM Basic wpjam-basic allows Server Side Request Forgery.This issue affects WPJAM Basic: from n/a through <= 7.0.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  12. 🚨 EUVD-2026-43448

    πŸ“Š Score: 7.2/10 (CVSS v3.1)
    πŸ“¦ Product: WPJAM Basic
    🏒 Vendor: Denishua
    πŸ“… Updated: 2026-07-13

    πŸ“ Server-Side Request Forgery (SSRF) vulnerability in denishua WPJAM Basic wpjam-basic allows Server Side Request Forgery.This issue affects WPJAM Basic: from n/a through <= 7.0.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  13. 🚨 EUVD-2026-43450

    πŸ“Š Score: 7.1/10 (CVSS v3.1)
    πŸ“¦ Product: Jobmonster
    🏒 Vendor: NooTheme
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NooTheme Jobmonster noo-jobmonster allows Reflected XSS.This issue affects Jobmonster: from n/a through <= 4.8.5.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  14. 🚨 EUVD-2026-43451

    πŸ“Š Score: 6.5/10 (CVSS v3.1)
    πŸ“¦ Product: Better Payment – Instant Payments, Donations, Fundraising with Subscriptions &amp; More
    🏒 Vendor: WPDeveloper
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Validation of Specified Quantity in Input vulnerability in WPDeveloper Better Payment – Instant Payments, Donations, Fundraising with Subscriptions &amp; More better...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  15. 🚨 EUVD-2026-43450

    πŸ“Š Score: 7.1/10 (CVSS v3.1)
    πŸ“¦ Product: Jobmonster
    🏒 Vendor: NooTheme
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NooTheme Jobmonster noo-jobmonster allows Reflected XSS.This issue affects Jobmonster: from n/a through <= 4.8.5.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  16. 🚨 EUVD-2026-43451

    πŸ“Š Score: 6.5/10 (CVSS v3.1)
    πŸ“¦ Product: Better Payment – Instant Payments, Donations, Fundraising with Subscriptions &amp; More
    🏒 Vendor: WPDeveloper
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Validation of Specified Quantity in Input vulnerability in WPDeveloper Better Payment – Instant Payments, Donations, Fundraising with Subscriptions &amp; More better...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  17. 🚨 EUVD-2026-43442

    πŸ“Š Score: 6.5/10 (CVSS v3.1)
    πŸ“¦ Product: WowAddons
    🏒 Vendor: wpxpo
    πŸ“… Updated: 2026-07-13

    πŸ“ Missing Authorization vulnerability in WPXPO WowAddons product-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WowAddons: from n/a through <= 1.6.8.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  18. 🚨 EUVD-2026-43444

    πŸ“Š Score: 7.1/10 (CVSS v3.1)
    πŸ“¦ Product: ElementInvader Addons for Elementor
    🏒 Vendor: Element Invader
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Element Invader ElementInvader Addons for Elementor elementinvader-addons-for-elementor allows DOM-Based XSS.This issue ...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  19. 🚨 EUVD-2026-43444

    πŸ“Š Score: 7.1/10 (CVSS v3.1)
    πŸ“¦ Product: ElementInvader Addons for Elementor
    🏒 Vendor: Element Invader
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Element Invader ElementInvader Addons for Elementor elementinvader-addons-for-elementor allows DOM-Based XSS.This issue ...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  20. 🚨 EUVD-2026-43442

    πŸ“Š Score: 6.5/10 (CVSS v3.1)
    πŸ“¦ Product: WowAddons
    🏒 Vendor: wpxpo
    πŸ“… Updated: 2026-07-13

    πŸ“ Missing Authorization vulnerability in WPXPO WowAddons product-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WowAddons: from n/a through <= 1.6.8.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  21. 🚨 EUVD-2026-43449

    πŸ“Š Score: 6.5/10 (CVSS v3.1)
    πŸ“¦ Product: MStore API
    🏒 Vendor: FluxBuilder
    πŸ“… Updated: 2026-07-13

    πŸ“ Missing Authorization vulnerability in FluxBuilder MStore API mstore-api allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MStore API: from n/a through <= 4.18.4.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  22. 🚨 EUVD-2026-43449

    πŸ“Š Score: 6.5/10 (CVSS v3.1)
    πŸ“¦ Product: MStore API
    🏒 Vendor: FluxBuilder
    πŸ“… Updated: 2026-07-13

    πŸ“ Missing Authorization vulnerability in FluxBuilder MStore API mstore-api allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MStore API: from n/a through <= 4.18.4.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  23. 🚨 EUVD-2026-43452

    πŸ“Š Score: 7.5/10 (CVSS v3.1)
    πŸ“¦ Product: Advanced Forms
    🏒 Vendor: Phil Kurth
    πŸ“… Updated: 2026-07-13

    πŸ“ Missing Authorization vulnerability in Phil Kurth Advanced Forms advanced-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Forms: from n/a through <= 1.9.3.7.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  24. 🚨 EUVD-2026-43452

    πŸ“Š Score: 7.5/10 (CVSS v3.1)
    πŸ“¦ Product: Advanced Forms
    🏒 Vendor: Phil Kurth
    πŸ“… Updated: 2026-07-13

    πŸ“ Missing Authorization vulnerability in Phil Kurth Advanced Forms advanced-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Forms: from n/a through <= 1.9.3.7.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  25. 🚨 EUVD-2026-43453

    πŸ“Š Score: 7.1/10 (CVSS v3.1)
    πŸ“¦ Product: Extensions for Leaflet Map
    🏒 Vendor: hupe13
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hupe13 Extensions for Leaflet Map extensions-leaflet-map allows DOM-Based XSS.This issue affects Extensions for Leaflet Map: from n/a thro...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  26. 🚨 EUVD-2026-43453

    πŸ“Š Score: 7.1/10 (CVSS v3.1)
    πŸ“¦ Product: Extensions for Leaflet Map
    🏒 Vendor: hupe13
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hupe13 Extensions for Leaflet Map extensions-leaflet-map allows DOM-Based XSS.This issue affects Extensions for Leaflet Map: from n/a thro...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  27. 🚨 EUVD-2026-43454

    πŸ“Š Score: 7.1/10 (CVSS v3.1)
    πŸ“¦ Product: FormyChat
    🏒 Vendor: WPPOOL
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPPOOL FormyChat social-contact-form allows Stored XSS.This issue affects FormyChat: from n/a through <= 2.15.3.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  28. 🚨 EUVD-2026-43454

    πŸ“Š Score: 7.1/10 (CVSS v3.1)
    πŸ“¦ Product: FormyChat
    🏒 Vendor: WPPOOL
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPPOOL FormyChat social-contact-form allows Stored XSS.This issue affects FormyChat: from n/a through <= 2.15.3.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  29. 🚨 EUVD-2026-43455

    πŸ“Š Score: 7.1/10 (CVSS v3.1)
    πŸ“¦ Product: PropertyHive
    🏒 Vendor: Property Hive
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Property Hive PropertyHive propertyhive allows Reflected XSS.This issue affects PropertyHive: from n/a through <= 2.2.3.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  30. 🚨 EUVD-2026-43456

    πŸ“Š Score: 8.8/10 (CVSS v3.1)
    πŸ“¦ Product: aBlocks
    🏒 Vendor: Kodezen LLC
    πŸ“… Updated: 2026-07-13

    πŸ“ Incorrect Privilege Assignment vulnerability in Kodezen LLC aBlocks ablocks allows Privilege Escalation.This issue affects aBlocks: from n/a through < 2.9.1.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  31. 🚨 EUVD-2026-43455

    πŸ“Š Score: 7.1/10 (CVSS v3.1)
    πŸ“¦ Product: PropertyHive
    🏒 Vendor: Property Hive
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Property Hive PropertyHive propertyhive allows Reflected XSS.This issue affects PropertyHive: from n/a through <= 2.2.3.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  32. 🚨 EUVD-2026-43456

    πŸ“Š Score: 8.8/10 (CVSS v3.1)
    πŸ“¦ Product: aBlocks
    🏒 Vendor: Kodezen LLC
    πŸ“… Updated: 2026-07-13

    πŸ“ Incorrect Privilege Assignment vulnerability in Kodezen LLC aBlocks ablocks allows Privilege Escalation.This issue affects aBlocks: from n/a through < 2.9.1.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  33. 🚨 EUVD-2026-43457

    πŸ“Š Score: 7.1/10 (CVSS v3.1)
    πŸ“¦ Product: Simple File List
    🏒 Vendor: Mitchell Bennis
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mitchell Bennis Simple File List simple-file-list allows Reflected XSS.This issue affects Simple File List: from n/a through <= 6.3.8.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  34. 🚨 EUVD-2026-43457

    πŸ“Š Score: 7.1/10 (CVSS v3.1)
    πŸ“¦ Product: Simple File List
    🏒 Vendor: Mitchell Bennis
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mitchell Bennis Simple File List simple-file-list allows Reflected XSS.This issue affects Simple File List: from n/a through <= 6.3.8.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  35. 🚨 EUVD-2026-43458

    πŸ“Š Score: 7.1/10 (CVSS v3.1)
    πŸ“¦ Product: JobSearch
    🏒 Vendor: eyecix
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eyecix JobSearch wp-jobsearch allows Stored XSS.This issue affects JobSearch: from n/a through <= 3.2.9.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  36. 🚨 EUVD-2026-43458

    πŸ“Š Score: 7.1/10 (CVSS v3.1)
    πŸ“¦ Product: JobSearch
    🏒 Vendor: eyecix
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eyecix JobSearch wp-jobsearch allows Stored XSS.This issue affects JobSearch: from n/a through <= 3.2.9.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  37. 🚨 EUVD-2026-43459

    πŸ“Š Score: 8.5/10 (CVSS v3.1)
    πŸ“¦ Product: Vitepos
    🏒 Vendor: appsbd
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in appsbd Vitepos vitepos-lite allows Blind SQL Injection.This issue affects Vitepos: from n/a through <= 3.4.2.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  38. 🚨 EUVD-2026-43459

    πŸ“Š Score: 8.5/10 (CVSS v3.1)
    πŸ“¦ Product: Vitepos
    🏒 Vendor: appsbd
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in appsbd Vitepos vitepos-lite allows Blind SQL Injection.This issue affects Vitepos: from n/a through <= 3.4.2.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  39. 🚨 EUVD-2026-43460

    πŸ“Š Score: 7.1/10 (CVSS v3.1)
    πŸ“¦ Product: picu
    🏒 Vendor: picu
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in picu picu picu allows Stored XSS.This issue affects picu: from n/a through <= 3.5.1.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  40. 🚨 EUVD-2026-43460

    πŸ“Š Score: 7.1/10 (CVSS v3.1)
    πŸ“¦ Product: picu
    🏒 Vendor: picu
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in picu picu picu allows Stored XSS.This issue affects picu: from n/a through <= 3.5.1.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  41. 🚨 EUVD-2026-43461

    πŸ“Š Score: 7.1/10 (CVSS v3.1)
    πŸ“¦ Product: Hydra Booking
    🏒 Vendor: Themefic
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themefic Hydra Booking hydra-booking allows Stored XSS.This issue affects Hydra Booking: from n/a through <= 1.1.44.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  42. 🚨 EUVD-2026-43461

    πŸ“Š Score: 7.1/10 (CVSS v3.1)
    πŸ“¦ Product: Hydra Booking
    🏒 Vendor: Themefic
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themefic Hydra Booking hydra-booking allows Stored XSS.This issue affects Hydra Booking: from n/a through <= 1.1.44.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  43. 🚨 EUVD-2026-43462

    πŸ“Š Score: 8.6/10 (CVSS v3.1)
    πŸ“¦ Product: Groundhogg
    🏒 Vendor: Adrian Tobey
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Adrian Tobey Groundhogg groundhogg allows Path Traversal.This issue affects Groundhogg: from n/a through <= 4.4.1.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  44. 🚨 EUVD-2026-43462

    πŸ“Š Score: 8.6/10 (CVSS v3.1)
    πŸ“¦ Product: Groundhogg
    🏒 Vendor: Adrian Tobey
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Adrian Tobey Groundhogg groundhogg allows Path Traversal.This issue affects Groundhogg: from n/a through <= 4.4.1.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  45. 🚨 EUVD-2026-43463

    πŸ“Š Score: 6.5/10 (CVSS v3.1)
    πŸ“¦ Product: Extra Product Options Builder for WooCommerce
    🏒 Vendor: edgarrojas
    πŸ“… Updated: 2026-07-13

    πŸ“ Missing Authorization vulnerability in EDGARROJAS Extra Product Options Builder for WooCommerce additional-product-fields-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This is...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  46. 🚨 EUVD-2026-43463

    πŸ“Š Score: 6.5/10 (CVSS v3.1)
    πŸ“¦ Product: Extra Product Options Builder for WooCommerce
    🏒 Vendor: edgarrojas
    πŸ“… Updated: 2026-07-13

    πŸ“ Missing Authorization vulnerability in EDGARROJAS Extra Product Options Builder for WooCommerce additional-product-fields-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This is...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  47. 🚨 EUVD-2026-43464

    πŸ“Š Score: 6.5/10 (CVSS v3.1)
    πŸ“¦ Product: Loops & Logic
    🏒 Vendor: Tangible
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tangible Loops & Logic tangible-loops-and-logic allows Stored XSS.This issue affects Loops & Logic: from n/a through <= 4.2.3.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  48. 🚨 EUVD-2026-43464

    πŸ“Š Score: 6.5/10 (CVSS v3.1)
    πŸ“¦ Product: Loops & Logic
    🏒 Vendor: Tangible
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tangible Loops & Logic tangible-loops-and-logic allows Stored XSS.This issue affects Loops & Logic: from n/a through <= 4.2.3.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  49. 🚨 EUVD-2026-43465

    πŸ“Š Score: 6.5/10 (CVSS v3.1)
    πŸ“¦ Product: Tourfic
    🏒 Vendor: Themefic
    πŸ“… Updated: 2026-07-13

    πŸ“ Missing Authorization vulnerability in Themefic Tourfic tourfic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tourfic: from n/a through <= 2.22.5.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  50. 🚨 EUVD-2026-43465

    πŸ“Š Score: 6.5/10 (CVSS v3.1)
    πŸ“¦ Product: Tourfic
    🏒 Vendor: Themefic
    πŸ“… Updated: 2026-07-13

    πŸ“ Missing Authorization vulnerability in Themefic Tourfic tourfic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tourfic: from n/a through <= 2.22.5.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  51. 🚨 EUVD-2026-43466

    πŸ“Š Score: 7.1/10 (CVSS v3.1)
    πŸ“¦ Product: Newsletters
    🏒 Vendor: Tribulant Software
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tribulant Software Newsletters newsletters-lite allows Reflected XSS.This issue affects Newsletters: from n/a through <= 4.14.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  52. 🚨 EUVD-2026-43466

    πŸ“Š Score: 7.1/10 (CVSS v3.1)
    πŸ“¦ Product: Newsletters
    🏒 Vendor: Tribulant Software
    πŸ“… Updated: 2026-07-13

    πŸ“ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tribulant Software Newsletters newsletters-lite allows Reflected XSS.This issue affects Newsletters: from n/a through <= 4.14.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  53. 🚨 EUVD-2026-43467

    πŸ“Š Score: 6.5/10 (CVSS v3.1)
    πŸ“¦ Product: WooCommerce PDF Invoice Builder
    🏒 Vendor: edgarrojas
    πŸ“… Updated: 2026-07-13

    πŸ“ Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in EDGARROJAS WooCommerce PDF Invoice Builder woo-pdf-invoice-builder allows Retrieve Embedded Sensitive Data.This issue affects WooCommerce P...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  54. 🚨 EUVD-2026-43467

    πŸ“Š Score: 6.5/10 (CVSS v3.1)
    πŸ“¦ Product: WooCommerce PDF Invoice Builder
    🏒 Vendor: edgarrojas
    πŸ“… Updated: 2026-07-13

    πŸ“ Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in EDGARROJAS WooCommerce PDF Invoice Builder woo-pdf-invoice-builder allows Retrieve Embedded Sensitive Data.This issue affects WooCommerce P...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  55. 🚨 EUVD-2026-43496

    πŸ“Š Score: 9.3/10 (CVSS v3.1)
    πŸ“¦ Product: Flamingo
    🏒 Vendor: VITEC
    πŸ“… Updated: 2026-07-13

    πŸ“ Vitec Flamingo 4.12.2 contains an unauthenticated OS command injection vulnerability in the admin/ajax/ping.php endpoint that allows remote attackers to execute arbitrary commands by exploiting a double-evaluation flaw in shell argument handling. The endpoint...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  56. 🚨 EUVD-2026-43496

    πŸ“Š Score: 9.3/10 (CVSS v3.1)
    πŸ“¦ Product: Flamingo
    🏒 Vendor: VITEC
    πŸ“… Updated: 2026-07-13

    πŸ“ Vitec Flamingo 4.12.2 contains an unauthenticated OS command injection vulnerability in the admin/ajax/ping.php endpoint that allows remote attackers to execute arbitrary commands by exploiting a double-evaluation flaw in shell argument handling. The endpoint...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  57. 🚨 EUVD-2026-43497

    πŸ“Š Score: 9.3/10 (CVSS v3.1)
    πŸ“¦ Product: Flamingo
    🏒 Vendor: VITEC
    πŸ“… Updated: 2026-07-13

    πŸ“ Vitec Flamingo 4.12.2 contains an unauthenticated OS command injection vulnerability in the admin/ajax/gen_graphs.php endpoint that allows remote unauthenticated attackers to execute arbitrary commands by supplying shell metacharacters in the start, end, key,...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  58. 🚨 EUVD-2026-43497

    πŸ“Š Score: 9.3/10 (CVSS v3.1)
    πŸ“¦ Product: Flamingo
    🏒 Vendor: VITEC
    πŸ“… Updated: 2026-07-13

    πŸ“ Vitec Flamingo 4.12.2 contains an unauthenticated OS command injection vulnerability in the admin/ajax/gen_graphs.php endpoint that allows remote unauthenticated attackers to execute arbitrary commands by supplying shell metacharacters in the start, end, key,...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability