Aggregator

A vulnerability was found in tobias_.MerZ Browser Caching with .htaccess Plugin 1.2.1 on WordPress. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross-site request forgery. This vulnerability is uniquely identified as CVE-2025-31439. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in phantom.omaga Toggle Box Plugin up to 1.6 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2025-31450. The attack may be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in kevinweber wBounce Plugin up to 1.8.1 on WordPress. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2025-31451. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability has been found in misteraon Simple Trackback Disabler Plugin up to 1.4 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. This vulnerability is known as CVE-2025-31448. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Miguel Sirvent Magic Embeds Plugin up to 3.1.2 on WordPress. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2025-31433. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as problematic was found in David Miller WP-OGP Plugin up to 1.0.5 on WordPress. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2025-31437. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Mindshare Labs WP Ultimate Search Plugin up to 2.0.3 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-31452. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in NertWorks All in One Social Share Tools Plugin up to 1.26 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. This vulnerability is handled as CVE-2025-31447. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Chop Chop Pop-Up Plugin up to 2.1.7 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper control of filename for include/require statement in php program ('php remote file inclusion'). This vulnerability is known as CVE-2025-31432. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in ESAFENET CDG 5.6.3.154.205. It has been classified as critical. Affected is an unknown function of the file /parameter/getFileTypeList.jsp. The manipulation of the argument typename leads to sql injection. This vulnerability is traded as CVE-2025-2927. It is possible to launch the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #521263 / VDB-301902

A vulnerability, which was classified as problematic, was found in idcCMS 1.35. This affects an unknown part of the file /admin/vpsSys_deal.php?mudi=infoSet. The manipulation leads to cross-site request forgery. This vulnerability is uniquely identified as CVE-2024-35556. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability has been found in idcCMS 1.35 and classified as problematic. This vulnerability affects unknown code of the file /admin/ca_deal.php?mudi=rev&nohrefStr=close. The manipulation leads to cross-site request forgery. This vulnerability was named CVE-2024-35558. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in idcCMS 1.35 and classified as problematic. This issue affects some unknown processing of the file /admin/vpsApi_deal.php?mudi=rev&nohrefStr=close. The manipulation leads to cross-site request forgery. The identification of this vulnerability is CVE-2024-35557. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in idcCMS 1.35. It has been classified as problematic. Affected is an unknown function of the file /admin/infoMove_deal.php?mudi=add&nohrefStr=close. The manipulation leads to cross-site request forgery. This vulnerability is traded as CVE-2024-35553. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in OpenKM up to 6.3.11. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/DatabaseQuery. The manipulation leads to cross-site request forgery. This vulnerability is handled as CVE-2024-35475. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in idcCMS 1.35. This affects an unknown part of the file /admin/ca_deal.php?mudi=del&dataType=&dataTypeCN. The manipulation leads to cross-site request forgery. This vulnerability is uniquely identified as CVE-2024-35560. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability classified as problematic was found in idcCMS 1.35. This vulnerability affects unknown code of the file /admin/ca_deal.php?mudi=add&nohrefStr=close. The manipulation leads to cross-site request forgery. This vulnerability was named CVE-2024-35561. The attack can be initiated remotely. There is no exploit available.

软件臃肿启动缓慢怎么办？微软的回应是预加载。微软计划在 5 月推出名叫 Startup Boost 的自启动任务，旨在帮助 Microsoft Office 应用更快加载。在启用该任务的系统上，用户会在 Windows 任务管理器中看到两个新任务 Office Startup Boost 和 Office Startup Boost Logon。​Startup Boost 将只在内存至少 8 GB 和 5 GB 可用磁盘空间的系统上运行，确保它不会影响整体系统性能。一旦启用节能模式，该任务将会自动禁用。用户也可以关闭该任务，方法是在 Office 应用设置中选择 Options > General，取消 Startup Boost 的勾选项。

Submit #521262 / VDB-298110