PT-2025-2041 · Themeisle · Orbit Fox

Name of the Vulnerable Software and Affected Versions: Orbit Fox by ThemeIsle plugin for WordPress versions up to, and including, 2.10.43 Description: The issue is related to Stored Cross-Site Scripting via the title tag parameter due to insufficient input sanitization and output escaping. This...

WordPress plugin Orbit Fox by ThemeIsle 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

CVE-2022-21142

Authentication bypass vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.74, Ver.2.9.x series versions prior to Ver.2.9.39, Ver.2.10.x series versions prior to Ver.2.10.43, and Ver.2.11.x series versions prior to Ver.2.11.41 allows a remote unauthenticated attacker to bypass...

[Backports-security-announce] Security Update for devscripts

Adam D. Barratt uploaded new packages for devscripts which fixed the following security problems: Debian BTS 507482 When copying files from a remote host for signing, the temporary directory created was named based on the process ID rather than using mktemp. Debian BTS 508111 A call to mktemp use...