4 matches found
CVE-2026-8042
The Github Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'repo' shortcode attribute in the 'github' shortcode in all versions up to, and including, 0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
WordPress Featured Image via URL plugin <= 0.1 - Authenticated (Contributor+) Arbitrary FIle Upload vulnerability
Authenticated Contributor+ Arbitrary FIle Upload vulnerability discovered by kr0d in WordPress Plugin Featured Image via URL versions = 0.1...
PT-2025-5058 · Gigaom · Gigaom Sphinx
Name of the Vulnerable Software and Affected Versions: Gigaom Sphinx versions up to 0.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting', which allows Reflected XSS. This enables attackers to inject malicious...
PT-2006-5835 · Net2Ftp · Net2Ftp
Name of the Vulnerable Software and Affected Versions: net2ftp versions 0.1 through 0.62 Description: A remote file inclusion issue in index.php allows remote attackers to execute arbitrary PHP code via a URL in the application rootdir parameter. However, this issue has been disputed by a...