4 matches found
PT-2024-19350 · WordPress · Himer
Name of the Vulnerable Software and Affected Versions: Himer WordPress theme versions prior to 2.1.1 Description: The issue concerns the lack of sanitization and escaping of certain Post settings, potentially allowing high-privilege users, such as Contributors, to perform Stored Cross-Site...
PT-2024-40157 · Github · Github-Slug-Action
Name of the Vulnerable Software and Affected Versions: github-slug-action versions prior to 1.1.1 github-slug-action versions prior to 2.1.1 Description: The issue is related to the use of set-env runner commands processed via stdout. It is recommended to upgrade to a version that uses the...
PT-2020-17012 · Multi-Ini · Multi-Ini
Name of the Vulnerable Software and Affected Versions: multi-ini versions prior to 2.1.1 Description: The issue allows an object's prototype to be polluted by specifying the proto object as part of an array. This can potentially lead to unintended behavior or security issues. Recommendations: For...
PT-2018-17400 · WordPress · Wp-Splashing-Images
Name of the Vulnerable Software and Affected Versions: wp-splashing-images versions prior to 2.1.1 Description: The issue allows authenticated remote attackers, with roles such as administrator, editor, or author, to conduct PHP Object Injection attacks. This is achieved by sending crafted...