2005 matches found
OpenCATS - Command Injection
OpenCATS prior to commit 3002a29 contains a command injection caused by injection of PHP statements into the installer AJAX endpoint's databaseConnectivity action parameter, letting unauthenticated attackers execute arbitrary code, exploit requires incomplete installation wizard. id: CVE-2026-277...
Ads Pro Plugin <= 4.89 - Local File Inclusion
The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.89 via the 'bsatemplate' parameter of the bsapreviewcallback function. This makes it possible for unauthenticated attackers to includ...
Invision Community <=5.0.6 Unauthenticated RCE via Template Injection
Invision Community 5.0.0 before 5.0.7 allows remote code execution via crafted template strings to themeeditor.php. The issue lies within the themeeditor controller /applications/core/modules/front/system/themeeditor.php, where a protected method named customCss can be invoked by unauthenticated...
CVE-2026-15338
CVE-2026-15338 concerns the LA-Studio Element Kit for Elementor plugin for WordPress. Affected: all versions up to 1.6.1. Issue: Local File Inclusion via the get_type_template function in the progress_type widget setting. Exploitation requires authenticated access at contributor level or higher, ...
CVE-2026-13080
The CVE concerns the WordPress plugin WPFunnels – Funnel Builder for WooCommerce with Checkout & One Click Upsell . It is vulnerable to Local File Inclusion (LFI) in all versions up to and including 3.12.7 via the logKey parameter. The issue can be exploited by an attacker with at least administr...
CVE-2026-5137
The RTMKit rometheme-for-elementor plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 2.0.7 This is due to insufficient path validation on the 'template' parameter in the rendertemplates AJAX endpoint, which is used directly in a require/include statement...
CVE-2026-12242
The AdRotate Banner Manager plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 5.17.7 via the 'banner' attribute of the adrotate shortcode. This is due to insufficient input validation and sanitization of the banner shortcode attribute before...
CVE-2026-56446
MISP allowed a site administrator to configure an arbitrary filesystem path for the NDJSON error log used by JsonLogTool. Because log entries can include attacker-controlled content, an authenticated attacker with site administrator privileges could direct log output to a PHP file in a...
CVE-2026-48908
CVE-2026-48908 affects the Joomla extension SP Page Builder (com_sppagebuilder). Reports and PoCs confirm unauthenticated file upload via the asset.uploadCustomIcon task, allowing arbitrary files to be written to the webroot and potentially executing PHP code. Affected versions are 1.0.0 through ...
EUVD-2026-38109
A vulnerability in the iCagenda extension for Joomla allows the upload of arbitrary files in the file attachment feature, ultimately resulting in PHP code upload and execution...
CVE-2026-48939
The CVE-2026-48939 issue affects iCagenda/Joomla. The vulnerability is in the frontend event submission form’s file attachment feature, where missing access control and lack of file validation allow unauthenticated uploads that are written to a web‑accessible directory and can be executed as PHP,...
PT-2026-50843
Name of the Vulnerable Software and Affected Versions BetterDocs Pro versions prior to 3.8.1 Description The plugin is susceptible to Local File Inclusion, a condition where an application includes files on a local server unexpectedly. Unauthenticated attackers can exploit this via the doc style...
EUVD-2026-37852
The MagicForm WordPress plugin through 0.1.3 does not properly validate the type of files uploaded through an unauthenticated AJAX action when a form's per-field extension allowlist is left empty, allowing unauthenticated attackers to upload PHP files and execute arbitrary code on the server...
Joomla! Extension 'JCE' < 2.9.99.5 Remote Code Execution
The version of the JCE Joomla Content Editor extension for the Joomla! application running on the remote host is prior to 2.9.99.5. It is, therefore, affected by an improper access control vulnerability. The extension allows the creation of new editor profiles for unauthenticated users, ultimatel...
Exploit for Code Injection in Phpunit_Project Phpunit
CVE-2017-9841 — PHPUnit Remote Code Execution RCE PoC ⚠...
CVE-2017-20251
WordPress Insert PHP plugin versions before 3.3.1 contain a PHP code injection vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by injecting malicious shortcodes through the WordPress REST API. Attackers can send POST requests to the wp-json/wp/v2/posts endpoint...
CVE-2026-52778
YesWiki (PHP-based wiki) exposes a vulnerability in the Bazar form field calculator (CalcField.php) present before version 4.6.6. The code attempts to sanitize user-defined mathematical formulas using a complex recursive regex prior to passing them to PHP eval(), creating a surface for Regular Ex...
WordPress plugin WP User Manager – User Profile Builder & Membership 路径遍历漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
CVE-2026-38991
Cockpit 2.13.5 and earlier is affected by a misconfiguration within the Bucket component isFileTypeAllowed function where a specially crafted filename bypasses an extension filter. This allows an authenticated attacker to rename arbitrary files with the .php file extension enabling arbitrary code...
CVE-2026-7522
The Advanced Database Cleaner – Premium plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 4.1.0 via the 'template' parameter. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrary .ph...