7 matches found
PT-2026-21160
Name of the Vulnerable Software and Affected Versions vanquish Upload Files Anywhere versions prior to and including 2.8 Description The software contains a flaw related to improper limitation of a pathname to a restricted directory, specifically a 'Path Traversal' issue. This impacts the Upload...
WordPress Wired Impact Volunteer Management plugin <= 2.8 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by hhhai in WordPress Plugin Wired Impact Volunteer Management versions = 2.8...
CVE-2025-49300
CVE-2025-49300 affects WordPress plugin Traveler Option Tree (shinetheme) up to version 2.8. The vulnerability arises from insertion of sensitive information into data that is sent, enabling retrieval of embedded sensitive data from the custom-option-tree component. Affected versions are through ...
CVE-2025-60234
Deserialization of Untrusted Data vulnerability in designthemes Single Property single-property allows Object Injection.This issue affects Single Property: from n/a through = 2.8...
CVE-2025-60234
Deserialization of Untrusted Data vulnerability in designthemes Single Property single-property allows Object Injection.This issue affects Single Property: from n/a through = 2.8...
PT-2024-16432 · Idexpert · Idexpert
Name of the Vulnerable Software and Affected Versions: IDExpert versions up to 2.8 Description: The issue concerns a lack of validation in the administrator interface of IDExpert, allowing remote attackers with administrative privileges to inject and execute OS commands on the server. This can be...
PT-2024-10573
Name of the Vulnerable Software and Affected Versions Kento Post View Counter plugin for WordPress versions up to, and including, 2.8 Description The issue allows unauthenticated attackers to perform SQL Injection via the kento pvc geo parameter due to insufficient escaping on the user-supplied...