Bootstrap
Sensitive data exposure in the Visual Link Preview WordPress plugin (versions up to and including 2.4.1) allows authenticated users with subscriber-level access to access restricted data they should not be authorized to view. The vulnerability stems from insufficient access controls over sensitive system information (CWE-497), permitting any logged-in subscriber to trigger a disclosure endpoint or functionality that returns protected data. No active exploitation has been confirmed by CISA KEV and no public exploit code has been identified at time of analysis, though the low privilege bar makes this accessible to any registered WordPress user.
Stored cross-site scripting in the Bootstrap Shortcode plugin for WordPress allows authenticated attackers with Contributor-level access to inject arbitrary JavaScript into pages via the `box` shortcode, executing malicious scripts whenever users view affected pages. The vulnerability exists in all versions up to 1.0 due to insufficient input sanitization and output escaping. No public exploit code or active exploitation has been identified at this time.
Stored cross-site scripting in Slider Bootstrap Carousel WordPress plugin up to version 1.0.7 allows authenticated attackers with Contributor-level access to inject arbitrary JavaScript via unsanitized 'category' and 'template' shortcode attributes, executing malicious scripts in pages viewed by any user. The vulnerability stems from improper use of extract() on shortcode attributes combined with missing output escaping (esc_attr()) on multiple HTML attributes, enabling persistent XSS injection that affects site security and user data.
Unauthenticated SQL injection in Bootstrapy CMS allows remote attackers to extract sensitive database information or cause denial of service through multiple POST parameters in forum and contact modules. The vulnerability affects forum-thread.php (thread_id), contact-submit.php (subject), and post-new-submit.php (post-id) endpoints. Public exploit code exists via Exploit-DB #46590, though EPSS probability remains low at 0.06% (19th percentile), suggesting limited real-world exploitation despite ease of attack (AV:N/AC:L/PR:N). SSVC framework confirms proof-of-concept availability and automated exploitation potential with partial technical impact.
The Twitter Bootstrap Collapse aka Accordian Shortcode WordPress plugin through 1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable with low attack complexity. Public exploit code is available and no vendor patch is available.
An issue was discovered in post.php in bootstrap-multiselect (aka Bootstrap Multiselect) 1.1.2. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable with no authentication required and low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Bootstrap Site Alert allows Cross-Site Scripting (XSS). Affected version ranges: 0.0 before 1.13.0, from 3.0.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable with no authentication required and low attack complexity. No vendor patch is available.
Vulnerability in Oracle Java SE (component: Compiler). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable with no authentication required. No vendor patch is available.
Vim, a text editor, is vulnerable to potential data loss with zip.vim and specially crafted zip files in versions prior to 9.1.1198. Rated medium severity (CVSS 4.4), this vulnerability requires no authentication and has low attack complexity.
A vulnerability classified as problematic was found in Vim up to 9.1.1096. Rated low severity (CVSS 2.4), this vulnerability has low attack complexity. Public exploit code is available.
A double-close vulnerability exists in libcurl when tearing down connection channels after threaded name resolution, causing the same eventfd file descriptor to be closed twice. This affects curl version 8.11.1 and various NetApp products that bundle libcurl, potentially leading to file descriptor confusion, limited information disclosure, and high availability impact. A public proof-of-concept exploit is available (HackerOne report 2954286), and the vulnerability has a notably high EPSS score of 6.37% (91st percentile), indicating elevated real-world exploitation likelihood.
When asked to use a `.netrc` file for credentials **and** to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. Rated low severity (CVSS 3.4), this vulnerability is remotely exploitable with no authentication required. Public exploit code is available and no vendor patch is available.
The All Bootstrap Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the "Accordion" widget in all versions up to, and including, 1.3.26 due to insufficient input. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable with low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
The Bootstrap Ultimate theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.4.9 via the path parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable with no authentication required and low attack complexity. No vendor patch is available.
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable with no authentication required. No vendor patch is available.
When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try. Rated medium severity (CVSS 4.2).
Remote code execution in OpenSSH's sshd server (regression of CVE-2006-5051) allows unauthenticated remote attackers to exploit a signal handler race condition by failing to authenticate within the LoginGraceTime window, potentially yielding root-level code execution on glibc-based Linux systems. The flaw - widely known as 'regreSSHion' - affects numerous distributions and vendor appliances including Ubuntu 23.10/24.04, AlmaLinux 9, SonicWall SMA firmware, Arista EOS, NetApp ONTAP, and others. Publicly available exploit code exists and EPSS scores it at 48.06% (98th percentile), reflecting very high exploitation likelihood, though it is not currently listed in CISA KEV.
Reflected XSS in CPT Bootstrap Carousel WordPress plugin.
Local privilege escalation in the GNU C Library (glibc) dynamic loader ld.so allows unprivileged local users on affected Linux distributions to gain root by abusing a heap buffer overflow when ld.so processes the GLIBC_TUNABLES environment variable during execution of SUID binaries. The flaw is confirmed actively exploited (CISA KEV) with publicly available exploit code, and the EPSS score of 71.53% (99th percentile) reflects very high exploitation likelihood across Linux estates.
Alpine Linux: vim fixed in 9.1.0678-r0