CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Vulnerabilities & CVEs
Intel Feed

cyberintel.kalymoon.com  ·  10852 articles  ·  updated every 4 hours · grows forever

10852Total
4266Full Text
Jul 06, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs Jun 15, 2026
CVE-2016-20079 | jamie Dharma Booking up to 2.28.3 proccess.php gateway filename control (Exploit 39592 / EDB-39592)

A vulnerability labeled as problematic has been found in jamie Dharma Booking up to 2.28.3 . Affected by this vulnerability is an unknown functionality of the file proccess.php . Such manipulation of …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 15, 2026
CVE-2016-20081 | Husain HB Audio Gallery Lite 1.0.0 on WordPress audio-download.php file_path path traversal (Exploit 39589 / EDB-39589)

A vulnerability marked as critical has been reported in Husain HB Audio Gallery Lite 1.0.0 on WordPress. Affected by this issue is some unknown functionality of the file audio-download.php . Performin…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 15, 2026
CVE-2016-20067 | dwbooster CP Polls Plugin 1.0.8 on WordPress cross-site request forgery (Exploit 39513 / EDB-39513)

A vulnerability described as problematic has been identified in dwbooster CP Polls Plugin 1.0.8 on WordPress. This affects an unknown part. Executing a manipulation can lead to cross-site request forg…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 15, 2026
CVE-2016-20084 | dwbooster Booking Calendar Contact Plugin up to 1.1.24 on WordPress Administration Interface admin.php cross site scripting (Exploit 39341 / EDB-39341)

A vulnerability classified as problematic has been found in dwbooster Booking Calendar Contact Plugin up to 1.1.24 on WordPress. This vulnerability affects unknown code of the file admin.php of the co…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 15, 2026
CVE-2016-20074 | leethompson Lazy Content Slider Plugin 3.4 on WordPress Setting lzcs_admin.php cross-site request forgery (Exploit 40070 / EDB-40070)

A vulnerability classified as problematic was found in leethompson Lazy Content Slider Plugin 3.4 on WordPress. This issue affects some unknown processing of the file lzcs_admin.php of the component S…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 15, 2026
CVE-2016-20080 | Brandfolder Plugin up to 3.0 on WordPress callback.php wp_abspath filename control (Exploit 39591 / EDB-39591)

A vulnerability, which was classified as problematic , has been found in Brandfolder Plugin up to 3.0 on WordPress. Impacted is an unknown function of the file callback.php . This manipulation of the …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 15, 2026
CVE-2016-20077 | KaymeePhotography Photocart Link 1.6 on WordPress Configuration Data decode.php ID filename control (Exploit 39623 / EDB-39623)

A vulnerability, which was classified as problematic , was found in KaymeePhotography Photocart Link 1.6 on WordPress. The affected element is an unknown function of the file decode.php of the compone…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 15, 2026
CVE-2016-20082 | Abtest 1.0.6 on WordPress abtest_admin.php action filename control (Exploit 39577 / EDB-39577)

A vulnerability has been found in Abtest 1.0.6 on WordPress and classified as problematic . The impacted element is an unknown function of the file abtest_admin.php . Performing a manipulation of the …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 15, 2026
CVE-2016-20069 | dwbooster Booking Calendar Contact Form up to 1.0.23 Shortcode calendar sql injection (Exploit 39423 / EDB-39423)

A vulnerability was found in dwbooster Booking Calendar Contact Form up to 1.0.23 and classified as critical . This affects an unknown function of the component Shortcode Handler . Executing a manipul…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 15, 2026
CVE-2016-20070 | dwbooster Booking Calendar Contact Form up to 1.0.23 admin-ajax.php cross site scripting (Exploit 39423 / EDB-39423)

A vulnerability was found in dwbooster Booking Calendar Contact Form up to 1.0.23 . It has been classified as problematic . This impacts an unknown function of the file admin-ajax.php . The manipulati…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 15, 2026
CVE-2016-20083 | henrikmelin More Fields Plugin 2.1 on WordPress Edit Page options-general.php cross-site request forgery (Exploit 39507 / EDB-39507)

A vulnerability was found in henrikmelin More Fields Plugin 2.1 on WordPress. It has been declared as problematic . Affected is an unknown function of the file options-general.php of the component Edi…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 15, 2026
CVE-2016-20071 | 404-redirection-manager 404 Redirection Manager Plugin 1.0 on WordPress GET Request sql injection (Exploit 40941 / EDB-40941)

A vulnerability was found in 404-redirection-manager 404 Redirection Manager Plugin 1.0 on WordPress. It has been rated as critical . Affected by this vulnerability is an unknown functionality of the …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 15, 2026
CVE-2016-20066 | dwbooster CP Polls Plugin 1.0.8 on WordPress cross site scripting (Exploit 39513 / EDB-39513)

A vulnerability categorized as problematic has been discovered in dwbooster CP Polls Plugin 1.0.8 on WordPress. Affected by this issue is some unknown functionality. Such manipulation leads to cross s…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 15, 2026
CVE-2016-20072 | bbsetheme BBS e-Franchise 1.1.1 on WordPress Shortcode uid sql injection (Exploit 40782 / EDB-40782)

A vulnerability identified as critical has been detected in bbsetheme BBS e-Franchise 1.1.1 on WordPress. This affects an unknown part of the component Shortcode Handler . Performing a manipulation of…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 15, 2026
CVE-2018-25437 | Cherryframework Cherry Framework Themes 3.1.4 on WordPress download_backup.php missing authentication (Exploit 45896 / EDB-45896)

A vulnerability labeled as critical has been found in Cherryframework Cherry Framework Themes 3.1.4 on WordPress. This vulnerability affects unknown code of the file download_backup.php . Executing a …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 15, 2026
CVE-2019-25746 | SlicedInvoices Sliced Invoices Plugin 3.8.2 on WordPress admin.php post sql injection (Exploit 47540 / EDB-47540)

A vulnerability marked as critical has been reported in SlicedInvoices Sliced Invoices Plugin 3.8.2 on WordPress. This issue affects some unknown processing of the file admin.php . The manipulation of…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 15, 2026
CVE-2026-52704 | Edgar Rojas WooCommerce PDF Invoice Builder Plugin up to 2.0.8 on WordPress code injection

A vulnerability described as critical has been identified in Edgar Rojas WooCommerce PDF Invoice Builder Plugin up to 2.0.8 on WordPress. Impacted is an unknown function. The manipulation results in c…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 15, 2026
CVE-2026-5079 | multer up to 2.1.x/3.0.0-alpha.1 Multipart resource consumption (GHSA-72gw-mp4g-v24j)

A vulnerability classified as problematic has been found in multer up to 2.1.x/3.0.0-alpha.1 . The affected element is an unknown function of the component Multipart Handler . This manipulation causes…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 15, 2026
CVE-2025-64215 | StylemixThemes MasterStudy LMS Pro Plugin up to 4.7.15 on WordPress authorization

A vulnerability classified as critical was found in StylemixThemes MasterStudy LMS Pro Plugin up to 4.7.15 on WordPress. The impacted element is an unknown function. Such manipulation leads to missing…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 15, 2026
CVE-2026-49062 | WP Engine Faust.js Plugin up to 1.8.7 on WordPress authentication bypass

A vulnerability, which was classified as critical , has been found in WP Engine Faust.js Plugin up to 1.8.7 on WordPress. This affects an unknown function. Performing a manipulation results in authent…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 15, 2026
CVE-2026-5230 | MIA Pizzy Library prior 1.3.9.26250 access control

A vulnerability, which was classified as critical , was found in MIA Pizzy Library . This impacts an unknown function. Executing a manipulation can lead to improper access controls. This vulnerability…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 15, 2026
CVE-2026-5242 | MIA Pizzy Library prior 1.3.9.26250 CSV File csv injection

A vulnerability has been found in MIA Pizzy Library and classified as critical . Affected is an unknown function of the component CSV File Handler . The manipulation leads to csv injection. This vulne…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 15, 2026
CVE-2026-49064 | Stiofan GetPaid Plugin up to 2.8.49 on WordPress insertion of sensitive information into sent data

A vulnerability was found in Stiofan GetPaid Plugin up to 2.8.49 on WordPress and classified as problematic . Affected by this vulnerability is an unknown functionality. The manipulation results in in…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 15, 2026
CVE-2026-6517 | Mattermost Desktop App up to 5.5.13/6.1.x insufficiently protected credentials

A vulnerability was found in Mattermost Desktop App up to 5.5.13/6.1.x . It has been classified as problematic . Affected by this issue is some unknown functionality. This manipulation causes insuffic…

VulDB Read →
← Prev 92 / 453 Next →