Dismissed suggestions Untriaged suggestions Draft issues Published issues Dismissed suggestions These automatic suggestions were dismissed after initial triaging. Restore to select a suggestion for a revision. CVE-2025-52799 7.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW updated 3 weeks, 5 days ago by @LeSuisse Activity log Created automatic suggestion 2 months, 1 week ago @LeSuisse removed 16 packages lms flmsg helmsman lmstudio python312Packages.calmsize python313Packages.calmsize python312Packages.dlms-cosem python313Packages.dlms-cosem python312Packages.llama-index-llms-ollama python312Packages.llama-index-llms-openai python313Packages.llama-index-llms-ollama python313Packages.llama-index-llms-openai python312Packages.llama-index-llms-openai-like python313Packages.llama-index-llms-openai-like python312Packages.llama-index-multi-modal-llms-openai python313Packages.llama-index-multi-modal-llms-openai 3 weeks, 5 days ago @LeSuisse dismissed 3 weeks, 5 days ago WordPress LMS theme <= 9.1 - Cross Site Scripting (XSS) Vulnerability Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in designthemes LMS allows Reflected XSS. This issue affects LMS: from n/a through 9.1. lms =<9.1 CVE-2025-52833 9.3 CRITICAL CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): CHANGED Confidentiality impact (C): HIGH Integrity impact (I): NONE Availability impact (A): LOW updated 3 weeks, 5 days ago by @LeSuisse Activity log Created automatic suggestion 2 months, 1 week ago @LeSuisse removed 16 packages lms flmsg helmsman lmstudio python312Packages.calmsize python313Packages.calmsize python312Packages.dlms-cosem python313Packages.dlms-cosem python312Packages.llama-index-llms-ollama python312Packages.llama-index-llms-openai python313Packages.llama-index-llms-ollama python313Packages.llama-index-llms-openai python312Packages.llama-index-llms-openai-like python313Packages.llama-index-llms-openai-like python312Packages.llama-index-multi-modal-llms-openai python313Packages.llama-index-multi-modal-llms-openai 3 weeks, 5 days ago @LeSuisse dismissed 3 weeks, 5 days ago WordPress LMS <= 9.1 - SQL Injection Vulnerability Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in designthemes LMS allows SQL Injection. This issue affects LMS: from n/a through 9.1. lms =<9.1 CVE-2025-52718 7.2 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): NONE updated 3 weeks, 5 days ago by @LeSuisse Activity log Created automatic suggestion 2 months, 1 week ago @LeSuisse removed 8 packages selendroid stalonetray art-standalone argp-standalone cbqn-standalone htmlunit-driver cbqn-standalone-replxx selenium-server-standalone 3 weeks, 5 days ago @LeSuisse dismissed 3 weeks, 5 days ago WordPress Alone <= 7.8.2 - Arbitrary Code Execution Vulnerability Improper Control of Generation of Code ('Code Injection') vulnerability in Bearsthemes Alone allows Remote Code Inclusion. This issue affects Alone: from n/a through 7.8.2. alone =<7.8.2 CVE-2025-6505 8.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH updated 3 weeks, 5 days ago by @LeSuisse Activity log Created automatic suggestion 2 months, 1 week ago @LeSuisse removed 45 packages perlPackages.NetServer perl538Packages.NetServer perl540Packages.NetServer perlPackages.NetLDAPServer perlPackages.NetServerCoro perlPackages.ServerStarter perl538Packages.NetLDAPServer perl538Packages.NetServerCoro perl538Packages.ServerStarter perl540Packages.NetLDAPServer perl540Packages.NetServerCoro perl540Packages.ServerStarter perlPackages.HTTPServerSimple perlPackages.NetLDAPServerTest perlPackages.NetAsyncHTTPServer perlPackages.NetServerSSPrefork perlPackages.PerlLanguageServer perl538Packages.HTTPServerSimple perl540Packages.HTTPServerSimple perl538Packages.NetLDAPServerTest perl540Packages.NetLDAPServerTest perlPackages.HTTPServerSimplePSGI perlPackages.TestHTTPServerSimple perl538Packages.NetAsyncHTTPServer perl538Packages.NetServerSSPrefork perl538Packages.PerlLanguageServer perl540Packages.NetAsyncHTTPServer perl540Packages.NetServerSSPrefork perl540Packages.PerlLanguageServer perlPackages.HTTPServerSimpleMason perlPackages.HTTPServerSimpleAuthen perl538Packages.HTTPServerSimplePSGI perl538Packages.TestHTTPServerSimple perl538Packages.HTTPServerSimpleAuthen perl540Packages.HTTPServerSimpleMason perl538Packages.HTTPServerSimpleMason perlPackages.PlackTestExternalServer perl540Packages.TestHTTPServerSimple perl540Packages.HTTPServerSimplePSGI perl540Packages.HTTPServerSimpleAuthen perl538Packages.PlackTestExternalServer perl540Packages.PlackTestExternalServer perlPackages.CatalystXScriptServerStarman perl538Packages.CatalystXScriptServerStarman perl540Packages.CatalystXScriptServerStarman 3 weeks, 5 days ago @LeSuisse dismissed 3 weeks, 5 days ago Unauthorized access and impersonation can occur in versions 4.6.2.3226 and … Unauthorized access and impersonation can occur in versions 4.6.2.3226 and below of Progress Software's Hybrid Data Pipeline Server on Linux. This vulnerability allows attackers to combine credentials from different sources, potentially leading to client impersonation and unauthorized access. When OAuth Clients perform an OAuth handshake with the Hybrid Data Pipeline Server, the server accepts client credentials from both HTTP headers and request parameters. Server =<4.6.2.3226 CVE-2025-47444 7.5 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): NONE Availability impact (A): NONE updated 3 weeks, 5 days ago by @LeSuisse Activity log Created automatic suggestion 2 months, 1 week ago @LeSuisse removed package filegive 3 weeks, 5 days ago @LeSuisse dismissed 3 weeks, 5 days ago WordPress GiveWP Plugin < 4.6.1 is vulnerable to Sensitive Data (PII) Exposure Insertion of Sensitive Information Into Sent Data vulnerability in Liquid Web GiveWP allows Retrieve Embedded Sensitive Data.This issue affects GiveWP: from n/a before 4.6.1. give <4.6.1 CVE-2025-54689 8.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH updated 3 weeks, 5 days ago by @LeSuisse Activity log Created automatic suggestion 2 months, 1 week ago @LeSuisse removed 30 packages furnace xournalpp journalist lazyjournal qjournalctl tui-journal journalwatch annapurna-sil journaldriver systemd-journal2gelf kdePackages.kjournald perlPackages.LogJournald perl538Packages.LogJournald perl540Packages.LogJournald python312Packages.swh-journal python313Packages.swh-journal python312Packages.waterfurnace python313Packages.waterfurnace haskellPackages.journalctl-stream haskellPackages.libsystemd-journal python312Packages.logging-journald python313Packages.logging-journald haskellPackages.logging-facade-journald typstPackages.starter-journal-article_0_1_1 typstPackages.starter-journal-article_0_2_0 typstPackages.starter-journal-article_0_3_0 typstPackages.starter-journal-article_0_3_1 typstPackages.starter-journal-article_0_3_2 typstPackages.starter-journal-article_0_3_3 typstPackages.starter-journal-article_0_4_0 3 weeks, 5 days ago @LeSuisse dismissed 3 weeks, 5 days ago WordPress Urna Theme <= 2.5.7 - Local File Inclusion Vulnerability Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Urna allows PHP Local File Inclusion. This issue affects Urna: from n/a through 2.5.7. urna =<2.5.7 CVE-2025-54671 4.3 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): LOW Availability impact (A): NONE updated 3 weeks, 5 days ago by @LeSuisse Activity log Created automatic suggestion 2 months, 1 week ago @LeSuisse removed package libvoikko 3 weeks, 5 days ago @LeSuisse dismissed 3 weeks, 5 days ago WordPress oik Plugin plugin <= 4.15.2 - Cross Site Request Forgery (CSRF) Vulnerability Cross-Site Request Forgery (CSRF) vulnerability in bobbingwide oik allows Cross Site Request Forgery. This issue affects oik: from n/a through 4.15.2. oik =<4.15.2 CVE-2025-54019 6.5 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW updated 3 weeks, 5 days ago by @LeSuisse Activity log Created automatic suggestion 2 months, 1 week ago @LeSuisse removed 8 packages selendroid stalonetray art-standalone argp-standalone cbqn-standalone htmlunit-driver cbqn-standalone-replxx selenium-server-standalone 3 weeks, 5 days ago @LeSuisse dismissed 3 weeks, 5 days ago WordPress Alone < 7.8.5 - Arbitrary Code Execution Vulnerability Improper Control of Generation of Code ('Code Injection') vulnerability in Bearsthemes Alone allows Code Injection. This issue affects Alone: from n/a through n/a. alone <7.8.5 CVE-2025-54670 7.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW updated 3 weeks, 5 days ago by @LeSuisse Activity log Created automatic suggestion 2 months, 1 week ago @LeSuisse removed package libvoikko 3 weeks, 5 days ago @LeSuisse dismissed 3 weeks, 5 days ago WordPress oik Plugin <= 4.15.2 - Cross Site Scripting (XSS) Vulnerability Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bobbingwide oik allows Reflected XSS. This issue affects oik: from n/a through 4.15.2. oik =<4.15.2 CVE-2025-57890 5.9 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): HIGH User interaction (UI): REQUIRED Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW updated 3 weeks, 5 days ago by @LeSuisse Activity log Created automatic suggestion 2 months, 1 week ago @LeSuisse removed 3 packages haskellPackages.simple-sessions python312Packages.langchain-azure-dynamic-sessions python313Packages.langchain-azure-dynamic-sessions 3 weeks, 5 days ago @LeSuisse dismissed 3 weeks, 5 days ago WordPress Sessions Plugin <= 3.2.0 - Cross Site Scripting (XSS) Vulnerability Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pierre Lannoy Sessions allows Stored XSS. This issue affects Sessions: from n/a through 3.2.0. sessions =<3.2.0
CVE-2025-52799 7.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW updated 3 weeks, 5 days ago by @LeSuisse Activity log Created automatic suggestion 2 months, 1 week ago @LeSuisse removed 16 packages lms flmsg helmsman lmstudio python312Packages.calmsize python313Packages.calmsize python312Packages.dlms-cosem python313Packages.dlms-cosem python312Packages.llama-index-llms-ollama python312Packages.llama-index-llms-openai python313Packages.llama-index-llms-ollama python313Packages.llama-index-llms-openai python312Packages.llama-index-llms-openai-like python313Packages.llama-index-llms-openai-like python312Packages.llama-index-multi-modal-llms-openai python313Packages.llama-index-multi-modal-llms-openai 3 weeks, 5 days ago @LeSuisse dismissed 3 weeks, 5 days ago WordPress LMS theme <= 9.1 - Cross Site Scripting (XSS) Vulnerability Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in designthemes LMS allows Reflected XSS. This issue affects LMS: from n/a through 9.1. lms =<9.1
CVE-2025-52833 9.3 CRITICAL CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): CHANGED Confidentiality impact (C): HIGH Integrity impact (I): NONE Availability impact (A): LOW updated 3 weeks, 5 days ago by @LeSuisse Activity log Created automatic suggestion 2 months, 1 week ago @LeSuisse removed 16 packages lms flmsg helmsman lmstudio python312Packages.calmsize python313Packages.calmsize python312Packages.dlms-cosem python313Packages.dlms-cosem python312Packages.llama-index-llms-ollama python312Packages.llama-index-llms-openai python313Packages.llama-index-llms-ollama python313Packages.llama-index-llms-openai python312Packages.llama-index-llms-openai-like python313Packages.llama-index-llms-openai-like python312Packages.llama-index-multi-modal-llms-openai python313Packages.llama-index-multi-modal-llms-openai 3 weeks, 5 days ago @LeSuisse dismissed 3 weeks, 5 days ago WordPress LMS <= 9.1 - SQL Injection Vulnerability Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in designthemes LMS allows SQL Injection. This issue affects LMS: from n/a through 9.1. lms =<9.1
CVE-2025-52718 7.2 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): NONE updated 3 weeks, 5 days ago by @LeSuisse Activity log Created automatic suggestion 2 months, 1 week ago @LeSuisse removed 8 packages selendroid stalonetray art-standalone argp-standalone cbqn-standalone htmlunit-driver cbqn-standalone-replxx selenium-server-standalone 3 weeks, 5 days ago @LeSuisse dismissed 3 weeks, 5 days ago WordPress Alone <= 7.8.2 - Arbitrary Code Execution Vulnerability Improper Control of Generation of Code ('Code Injection') vulnerability in Bearsthemes Alone allows Remote Code Inclusion. This issue affects Alone: from n/a through 7.8.2. alone =<7.8.2
CVE-2025-6505 8.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH updated 3 weeks, 5 days ago by @LeSuisse Activity log Created automatic suggestion 2 months, 1 week ago @LeSuisse removed 45 packages perlPackages.NetServer perl538Packages.NetServer perl540Packages.NetServer perlPackages.NetLDAPServer perlPackages.NetServerCoro perlPackages.ServerStarter perl538Packages.NetLDAPServer perl538Packages.NetServerCoro perl538Packages.ServerStarter perl540Packages.NetLDAPServer perl540Packages.NetServerCoro perl540Packages.ServerStarter perlPackages.HTTPServerSimple perlPackages.NetLDAPServerTest perlPackages.NetAsyncHTTPServer perlPackages.NetServerSSPrefork perlPackages.PerlLanguageServer perl538Packages.HTTPServerSimple perl540Packages.HTTPServerSimple perl538Packages.NetLDAPServerTest perl540Packages.NetLDAPServerTest perlPackages.HTTPServerSimplePSGI perlPackages.TestHTTPServerSimple perl538Packages.NetAsyncHTTPServer perl538Packages.NetServerSSPrefork perl538Packages.PerlLanguageServer perl540Packages.NetAsyncHTTPServer perl540Packages.NetServerSSPrefork perl540Packages.PerlLanguageServer perlPackages.HTTPServerSimpleMason perlPackages.HTTPServerSimpleAuthen perl538Packages.HTTPServerSimplePSGI perl538Packages.TestHTTPServerSimple perl538Packages.HTTPServerSimpleAuthen perl540Packages.HTTPServerSimpleMason perl538Packages.HTTPServerSimpleMason perlPackages.PlackTestExternalServer perl540Packages.TestHTTPServerSimple perl540Packages.HTTPServerSimplePSGI perl540Packages.HTTPServerSimpleAuthen perl538Packages.PlackTestExternalServer perl540Packages.PlackTestExternalServer perlPackages.CatalystXScriptServerStarman perl538Packages.CatalystXScriptServerStarman perl540Packages.CatalystXScriptServerStarman 3 weeks, 5 days ago @LeSuisse dismissed 3 weeks, 5 days ago Unauthorized access and impersonation can occur in versions 4.6.2.3226 and … Unauthorized access and impersonation can occur in versions 4.6.2.3226 and below of Progress Software's Hybrid Data Pipeline Server on Linux. This vulnerability allows attackers to combine credentials from different sources, potentially leading to client impersonation and unauthorized access. When OAuth Clients perform an OAuth handshake with the Hybrid Data Pipeline Server, the server accepts client credentials from both HTTP headers and request parameters. Server =<4.6.2.3226
CVE-2025-47444 7.5 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): NONE Availability impact (A): NONE updated 3 weeks, 5 days ago by @LeSuisse Activity log Created automatic suggestion 2 months, 1 week ago @LeSuisse removed package filegive 3 weeks, 5 days ago @LeSuisse dismissed 3 weeks, 5 days ago WordPress GiveWP Plugin < 4.6.1 is vulnerable to Sensitive Data (PII) Exposure Insertion of Sensitive Information Into Sent Data vulnerability in Liquid Web GiveWP allows Retrieve Embedded Sensitive Data.This issue affects GiveWP: from n/a before 4.6.1. give <4.6.1
CVE-2025-54689 8.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH updated 3 weeks, 5 days ago by @LeSuisse Activity log Created automatic suggestion 2 months, 1 week ago @LeSuisse removed 30 packages furnace xournalpp journalist lazyjournal qjournalctl tui-journal journalwatch annapurna-sil journaldriver systemd-journal2gelf kdePackages.kjournald perlPackages.LogJournald perl538Packages.LogJournald perl540Packages.LogJournald python312Packages.swh-journal python313Packages.swh-journal python312Packages.waterfurnace python313Packages.waterfurnace haskellPackages.journalctl-stream haskellPackages.libsystemd-journal python312Packages.logging-journald python313Packages.logging-journald haskellPackages.logging-facade-journald typstPackages.starter-journal-article_0_1_1 typstPackages.starter-journal-article_0_2_0 typstPackages.starter-journal-article_0_3_0 typstPackages.starter-journal-article_0_3_1 typstPackages.starter-journal-article_0_3_2 typstPackages.starter-journal-article_0_3_3 typstPackages.starter-journal-article_0_4_0 3 weeks, 5 days ago @LeSuisse dismissed 3 weeks, 5 days ago WordPress Urna Theme <= 2.5.7 - Local File Inclusion Vulnerability Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Urna allows PHP Local File Inclusion. This issue affects Urna: from n/a through 2.5.7. urna =<2.5.7
CVE-2025-54671 4.3 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): LOW Availability impact (A): NONE updated 3 weeks, 5 days ago by @LeSuisse Activity log Created automatic suggestion 2 months, 1 week ago @LeSuisse removed package libvoikko 3 weeks, 5 days ago @LeSuisse dismissed 3 weeks, 5 days ago WordPress oik Plugin plugin <= 4.15.2 - Cross Site Request Forgery (CSRF) Vulnerability Cross-Site Request Forgery (CSRF) vulnerability in bobbingwide oik allows Cross Site Request Forgery. This issue affects oik: from n/a through 4.15.2. oik =<4.15.2
CVE-2025-54019 6.5 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW updated 3 weeks, 5 days ago by @LeSuisse Activity log Created automatic suggestion 2 months, 1 week ago @LeSuisse removed 8 packages selendroid stalonetray art-standalone argp-standalone cbqn-standalone htmlunit-driver cbqn-standalone-replxx selenium-server-standalone 3 weeks, 5 days ago @LeSuisse dismissed 3 weeks, 5 days ago WordPress Alone < 7.8.5 - Arbitrary Code Execution Vulnerability Improper Control of Generation of Code ('Code Injection') vulnerability in Bearsthemes Alone allows Code Injection. This issue affects Alone: from n/a through n/a. alone <7.8.5
CVE-2025-54670 7.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW updated 3 weeks, 5 days ago by @LeSuisse Activity log Created automatic suggestion 2 months, 1 week ago @LeSuisse removed package libvoikko 3 weeks, 5 days ago @LeSuisse dismissed 3 weeks, 5 days ago WordPress oik Plugin <= 4.15.2 - Cross Site Scripting (XSS) Vulnerability Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bobbingwide oik allows Reflected XSS. This issue affects oik: from n/a through 4.15.2. oik =<4.15.2
CVE-2025-57890 5.9 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): HIGH User interaction (UI): REQUIRED Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW updated 3 weeks, 5 days ago by @LeSuisse Activity log Created automatic suggestion 2 months, 1 week ago @LeSuisse removed 3 packages haskellPackages.simple-sessions python312Packages.langchain-azure-dynamic-sessions python313Packages.langchain-azure-dynamic-sessions 3 weeks, 5 days ago @LeSuisse dismissed 3 weeks, 5 days ago WordPress Sessions Plugin <= 3.2.0 - Cross Site Scripting (XSS) Vulnerability Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pierre Lannoy Sessions allows Stored XSS. This issue affects Sessions: from n/a through 3.2.0. sessions =<3.2.0