CVE-2023-46194

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Eric Teubert Archivist – Custom Archive Templates plugin = 1.7.5 versions...

CVE-2006-7048

Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.5 allow remote attackers to execute arbitrary PHP code via a URL in the 1 clarolineRepositorySys parameter to a atutor.inc.php b db-generic.inc.php c docebo.inc.php d dokeos.1.6.inc.php e dokeos.inc.php f ganesha.inc.php g...

WordPress Slide <= 1.7.5 - Arbitrary File Upload Vulnerability

Arbitrary File Upload Vulnerability discovered by Tran Nguyen Bao KhanhVCI - VNPT in WordPress Theme Slide versions = 1.7.5...

WordPress Slide <= 1.7.5 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Tran Nguyen Bao KhanhVCI - VNPT in WordPress Theme Slide versions = 1.7.5...

WordPress Behance Portfolio Manager plugin <= 1.7.5 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Behance Portfolio Manager versions = 1.7.5...

WordPress plugin WPCOM Member 授权问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. An authorization issue...

CVE-2024-11038

The The WPB Popup for Contact Form 7 – Showing The Contact Form 7 Popup on Button Click – CF7 Popup plugin for WordPress is vulnerable to arbitrary shortcode execution via wpbpcffirecontactform AJAX action in all versions up to, and including, 1.7.5. This is due to the software allowing users to...

WordPress plugin PDF Generator Addon for Elementor Page Builder 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports PHP and MySQL servers to set up a personal blog site. WordPress plugin is an application plug-in. A path traversal vulnerability...

PT-2025-5410 · Unknown · Redefiningtheweb Pdf Generator Addon

Name of the Vulnerable Software and Affected Versions: RedefiningTheWeb PDF Generator Addon for Elementor Page Builder versions 1.7.5 and earlier Description: The issue is related to an improper limitation of a pathname to a restricted directory, also known as 'Path Traversal'. This allows...

PT-2025-2228 · WordPress · Wordpress Survey & Poll

Name of the Vulnerable Software and Affected Versions: WordPress Survey & Poll – Quiz, Survey and Poll Plugin for WordPress versions up to and including 1.7.5 Description: The issue allows authenticated attackers with Contributor-level access and above to inject SQL queries via the id attribute o...

WordPress plugin WordPress Survey & Poll 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. WordPress plugin WordPress...

IBM WebSphere Automation Command Injection Vulnerability

IBM WebSphere Automation is an automation management software from IBM for optimizing and managing data center resources. A security vulnerability exists in IBM WebSphere Automation version 1.7.5. A remote attacker could exploit the vulnerability to execute arbitrary code on the system...

CVE-2024-54181

IBM WebSphere Automation 1.7.5 could allow a remote privileged user, who has authorized access to the swagger UI, to execute arbitrary code. Using specially crafted input, the user could exploit this vulnerability to execute arbitrary code on the system...

IBM WebSphere Automation 操作系统命令注入漏洞

IBM WebSphere Automation is an automation management software from IBM for optimizing and managing data center resources. A security vulnerability exists in IBM WebSphere Automation version 1.7.5. A remote attacker could exploit the vulnerability to execute arbitrary code on the system...

PT-2024-9964 · Ibm · Ibm Websphere Automation

Name of the Vulnerable Software and Affected Versions: IBM WebSphere Automation version 1.7.5 Description: The vulnerability in the IBM WebSphere Automation platform's Swagger interface is related to the failure to neutralize special elements used in operating system commands. This could allow a...

Medium: apr

Issue Overview: Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared memory segments, potentially revealing sensitive application data. This issue does not affect non-Unix platforms, or builds with APRUSESHMEMSHMGET=1 apr...

WordPress CM Pop-Up Banners plugin <= 1.7.5 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin CM Pop-Up banners versions 1.7.5...

CVE-2024-11038

The The WPB Popup for Contact Form 7 – Showing The Contact Form 7 Popup on Button Click – CF7 Popup plugin for WordPress is vulnerable to arbitrary shortcode execution via wpbpcffirecontactform AJAX action in all versions up to, and including, 1.7.5. This is due to the software allowing users to...

WordPress WPB Popup for Contact Form 7 plugin <= 1.7.5 - Unauthenticated Arbitrary Shortcode Execution via wpb_pcf_fire_contact_form vulnerability

Unauthenticated Arbitrary Shortcode Execution via wpbpcffirecontactform vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin WPB Popup for Contact Form 7 versions = 1.7.5...

CVE-2023-49582 affecting package apr for versions less than 1.7.5-1

CVE-2023-49582 affecting package apr for versions less than 1.7.5-1. An upgraded version of the package is available that resolves this issue...