GHSA-FHH6-4QXV-RPQJ 9router: Unauthenticated Remote Code Execution via unprotected MCP custom plugin routes
9router exposes two unauthenticated API endpoints that, when chained together, allow any network-adjacent attacker to execute arbitrary OS commands as the user running the 9router process, with no prerequisites and no credentials required. The vulnerability exists because the Next.js...
CVE-2026-7043 GreenCMS index.php pluginAddLocal unrestricted upload
A vulnerability has been found in GreenCMS up to 2.3. It affects the function pluginAddLocal of the file /index.php?m=admin&c=custom&a=pluginadd. The manipulation leads to unrestricted file upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Th...
CVE-2026-2023 WP Plugin Info Card for WordPress: CSRF via missing nonce validation in ajax_save_custom_plugin()
WP Plugin Info Card for WordPress was affected by a CSRF vulnerability up to version 6.2.0 due to missing nonce validation in ajax_save_custom_plugin(), allowing unauthenticated attackers to forge requests that create or modify custom plugin entries if a site admin is enticed to pe...
WordPress plugin WP Plugin Info Card cross-site request forgery vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
CKEditor 5 cross-site scripting (XSS) vulnerability in the clipboard package
A cross-site scripting (XSS) vulnerability has been discovered in the CKEditor 5 clipboard package. It could be triggered by a specific user action, leading to unauthorized JavaScript execution, if the attacker managed to insert malicious content into the editor, which...
PT-2025-35839
Name of the Vulnerable Software and Affected Versions: ckeditor5 44.2.0 through 45.2.1 and 46.0.0 through 46.0.2; ckeditor5-clipboard 44.2.0 through 45.2.1 and 46.0.0 through 46.0.2. Description: CKEditor 5 is a modern JavaScript rich-text...
GO-2025-3704 Grafana cross-site scripting (XSS) via custom loaded frontend plugin in github.com/grafana/grafana
Grafana cross-site scripting (XSS) via custom loaded frontend plugin in github.com/grafana/grafana. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from...
CVE-2022-46827
In JetBrains IntelliJ IDEA before 2022.3 an XXE attack leading to SSRF via requests to custom plugin repositories was possible...
CVE-2021-43557
The uri-block plugin in Apache APISIX before 2.10.2 uses $request_uri without verification. $request_uri is the full original request URI without normalization. This makes it possible to construct a URI that bypasses the block list in some cases. For instance, when the block list contains...
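The following is an added illustration, not code from Apache APISIX or from the advisory: it contrasts a block list matched against the raw request URI (the vulnerable behaviour described above) with the same list matched against a normalized path. The block rule `^/internal/`, the probe URIs and the `normalize_path` helper are all constructed here for illustration; the helper only approximates the percent-decoding, slash-collapsing and dot-segment resolution a reverse proxy applies when it derives a normalized path from the request line, and it is not APISIX's or nginx's implementation.

```python
import posixpath
import re

# Constructed block list (assumed for this example): deny everything under /internal/.
# Rules are regular expressions, evaluated with re.search against the candidate string.
BLOCK_RULES = [r"^/internal/"]


def matches_block_list(candidate: str, rules=BLOCK_RULES) -> bool:
    """True if any block rule matches the candidate string."""
    return any(re.search(rule, candidate) for rule in rules)


def blocked_by_raw_request_uri(request_uri: str) -> bool:
    """Vulnerable behaviour: match the request URI exactly as the client sent it
    (the equivalent of checking $request_uri), so encoding tricks are not seen through."""
    return matches_block_list(request_uri)


def normalize_path(request_uri: str) -> str:
    """Approximate proxy-style path normalization (constructed helper, not nginx's code):
    drop the query string, percent-decode, collapse repeated slashes and resolve
    '.' and '..' segments."""
    path = request_uri.split("?", 1)[0]          # "/a/b?x=1" -> "/a/b"
    path = re.sub(r"%([0-9A-Fa-f]{2})",          # "%69nternal" -> "internal"
                  lambda m: chr(int(m.group(1), 16)), path)
    path = re.sub(r"/+", "/", path)              # "//internal" -> "/internal"
    normalized = posixpath.normpath(path)        # "/pub/../internal" -> "/internal"
    if path.endswith("/") and not normalized.endswith("/"):
        normalized += "/"                        # normpath drops a trailing slash; keep it
    return normalized


def blocked_by_normalized_uri(request_uri: str) -> bool:
    """Hardened behaviour: normalize first, then match the block list."""
    return matches_block_list(normalize_path(request_uri))


# Constructed probes: one canonical form plus several encodings that map to the same path.
PROBES = [
    "/internal/config",
    "/%69nternal/config",
    "//internal/config",
    "/public/../internal/config",
    "/public/%2e%2e/internal/config",
    "/internal/config?x=1",
    "/public/index",
]


def evaluate(probes=PROBES):
    """Map each probe to (blocked_by_raw_check, blocked_after_normalization)."""
    return {p: (blocked_by_raw_request_uri(p), blocked_by_normalized_uri(p)) for p in probes}


if __name__ == "__main__":
    for probe, (raw, norm) in evaluate().items():
        print(f"{probe:40s} raw={raw!s:5s} normalized={norm!s:5s}")
```

Every probe except `/public/index` resolves to the denied path, yet only the two literal `/internal/...` forms are caught by the raw check; the percent-encoded, double-slash and dot-segment variants slip past it and are caught only after normalization. The broader lesson is that any allow/deny decision must be made on the same canonical representation the backend will actually route on.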
CVE-2024-51780 WordPress eewee admin custom plugin <= 1.8.2.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eewee's eewee admin custom plugin (eewee-admincustom) allows reflected XSS. This issue affects eewee admin custom from n/a through 1.8.2.4...
BIT-APISIX-2021-43557 Path traversal in request_uri variable
Same issue as CVE-2021-43557 above: the uri-block plugin in Apache APISIX before 2.10.2 matches its block list against the raw, unnormalized $request_uri, so an equivalent but differently encoded URI can evade the list in some cases.
CVE-2023-46468 juzawebCMS injection vulnerability
An issue in juzawebCMS v3.4 and earlier allows a remote attacker to execute arbitrary code via a crafted file submitted to the custom plugin function...
Juzaweb CMS Injection Vulnerability
Juzaweb CMS is a content management system developed by the individual developer Juzaweb, based on the Laravel framework and the web platform. A security vulnerability exists in Juzaweb CMS v3.4 and earlier versions that allows remote attackers to execute arbitrary...
PT-2023-30037 · Unknown · Juzawebcms
Name of the Vulnerable Software and Affected Versions: juzawebCMS versions 3.4 and earlier Description: An issue in the software allows a remote attacker to execute arbitrary code via a crafted file to the custom plugin function. This enables the attacker to potentially gain control over the...