Plane 访问控制错误漏洞

Plane is an open source, self-hosted project planning tool from Plane Open Source. An access control error vulnerability exists in versions of Plane prior to 1.2.0, which stems from a guest user being able to access a list of members of a specific workspace and recognize an administrator's email...

CVE-2025-0969

The Brizy – Page Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.16 via the getusers function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including...

WordPress plugin Brizy – Page Builder 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

PT-2025-48565

Grav is a file-based Web platform. Prior to 1.8.0-beta.27, there is an IDOR Insecure Direct Object Reference vulnerability in the Grav CMS Admin Panel which allows low-privilege users to access sensitive information from other accounts. Although direct account takeover is not possible, admin emai...

PT-2025-5354 · Unknown +1 · Otrs Community Edition +1

Name of the Vulnerable Software and Affected Versions: OTRS versions 7.0.X through 2024.X OTRS Community Edition version 6.0.x Description: Certain errors of the upstream libraries will insert sensitive information in the log mechanism and mails sent to the system administrator. Products based on...