2 matches found
PT-2024-5841
Name of the Vulnerable Software and Affected Versions WPML versions up to, and including, 4.6.12 Description The WPML plugin for WordPress is vulnerable to Remote Code Execution via the Twig Server-Side Template Injection. This is due to missing input validation and sanitization on the render...
PT-2022-4188 · Unknown +1 · Passwork On-Premise Edition +1
Name of the Vulnerable Software and Affected Versions: Passwork On-Premise Edition versions prior to 4.6.13 Description: The issue is related to incorrect restriction of the path name to a directory with limited access. An attacker can exploit this by manipulating URL parameters to gain access to...