18 matches found
TOZED ZLT M30S Security Vulnerability
TOZED ZLT M30S is a mobile WiFi router from China's Tongze Kangwei TOZED. A security vulnerability exists in TOZED ZLT M30S version 1.47 and earlier, which stems from the presence of an improperly access-controlled on-chip debug and test interface in the UART Interface component, which could lead...
PT-2025-53406
Name of the Vulnerable Software and Affected Versions TOZED ZLT M30s versions up to 1.47 Description A flaw exists in TOZED ZLT M30s up to version 1.47 related to the UART Interface component. Manipulation of an unknown function within this component can lead to improper access control to the...
TOZED ZLT M30S and TOZED ZLT M30S PRO Security Vulnerability
TOZED ZLT M30S and TOZED ZLT M30S PRO are both mobile WiFi routers from China's Tongze Kangwei TOZED. A security vulnerability exists in the TOZED ZLT M30S and TOZED ZLT M30S PRO versions 1.47 and 3.09.06, which stems from incorrect manipulation of the parameter goformId in the file...
CVE-2025-11627
The Site Checkup Debug AI Troubleshooting with Wizard and Tips for Each Issue plugin for WordPress is vulnerable to log file poisoning in all versions up to, and including, 1.47. This makes it possible for unauthenticated attackers to insert arbitrary content into log files, and potentially cause...
CVE-2025-11627 Site Checkup AI Troubleshooting with Wizard and Tips for Each Issue <= 1.47 - Unauthenticated Log File Poisoning
The Site Checkup Debug AI Troubleshooting with Wizard and Tips for Each Issue plugin for WordPress is vulnerable to log file poisoning in all versions up to, and including, 1.47. This makes it possible for unauthenticated attackers to insert arbitrary content into log files, and potentially cause...
CVE-2025-11627 Site Checkup AI Troubleshooting with Wizard and Tips for Each Issue <= 1.47 - Unauthenticated Log File Poisoning
The Site Checkup Debug AI Troubleshooting with Wizard and Tips for Each Issue plugin for WordPress is vulnerable to log file poisoning in all versions up to, and including, 1.47. This makes it possible for unauthenticated attackers to insert arbitrary content into log files, and potentially cause...
WordPress plugin Site Checkup Debug AI Troubleshooting with Wizard and Tips for Each Issue Security Vulnerabilities
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security vulnerabili...
EUVD-2025-11745
Malicious code in bioql PyPI...
WordPress plugin FluentBoards Code Issue Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A code issue vulnerability...
GitLab Input Validation Error Vulnerability
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. A security vulnerability exists in GitLab versions 1.47 through prior to 3.0.5...
WordPress We’re Open! Plugin <= 1.46 is vulnerable to Cross Site Scripting (XSS)
Software: We’re Open!; Type: Plugin; Vulnerable versions: = 1.46; Fixed in: 1.47; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-25964; Patch priority: Low; CVSS severity: Low (5.9); PSID: 7dec04029e56; Credits: TaeEun Lee; Required privilege...
SOPlanning Authentication Bypass Vulnerability
SOPlanning is an online planning tool for efficiently organizing projects and tasks. An authentication bypass vulnerability exists in SOPlanning 1.45 - 1.47. An attacker can exploit this vulnerability to completely bypass administrator and guest user authentication by forging a valid cookie...
SOPlanning Authentication Bypass Vulnerability
SOPlanning is an online project management software. An authentication bypass vulnerability exists in versions prior to SoPlanning 1.47. The vulnerability stems from the program not properly checking the security key used to publicly share the planning solution. An attacker could use this...
Authentication flaw
SoPlanning before 1.47 doesn't correctly check the security key used to publicly share plannings. It allows a bypass to get access without authentication...
CVE-2020-2090
A cross-site request forgery vulnerability in Jenkins Amazon EC2 Plugin 1.47 and earlier allows attackers to connect to an attacker-specified URL within the AWS region using attacker-specified credentials IDs obtained through another method...
LibreNMS Information Disclosure Vulnerability
LibreNMS is a PHP/MYSQL/SNMP-based open source monitoring tool. An information disclosure vulnerability exists in LibreNMS 1.47 and earlier versions, which can be exploited by an attacker to identify the exact code version installed and obtain local file paths...
LibreNMS Authentication Bypass Vulnerability
LibreNMS is a PHP/MYSQL/SNMP-based open source monitoring tool. An authentication bypass vulnerability exists in LibreNMS 1.47 and earlier versions, which can be exploited by an attacker to access multiple scripts...
Cloudsafe365 Plugin for WordPress 'file' Parameter Traversal Arbitrary File Access
The Cloudsafe365 Plugin for WordPress installed on the remote host is affected by a directory traversal vulnerability due to a failure to properly sanitize user-supplied input to the 'file' parameter of the admin/editor/cs365edit.php script. This vulnerability allows an unauthenticated, remote...