8 matches found
CVE-2026-12557
The Ninja Forms - File Uploads plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.3.29. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to read all...
WordPress Ninja Forms - File Uploads plugin <= 3.3.29 - File Uploads <= 3.3.29 - Missing Authorization to Unauthenticated Log Disclosure and Deletion vulnerability
WordPress Ninja Forms - File Uploads plugin = 3.3.29 - File Uploads = 3.3.29 - Missing Authorization to Unauthenticated Log Disclosure and Deletion vulnerability discovered by Ad4m5 in WordPress Plugin Ninja Forms File Uploads Extension versions = 3.3.29...
CVE-2026-13369 Ninja Forms - File Uploads <= 3.3.29 - Unauthenticated Arbitrary File Read via File Upload Field 'files[].data.file_path' Parameter
The Ninja Forms - File Uploads plugin for WordPress is vulnerable to Arbitrary File Read via the attachfiles function in versions up to, and including, 3.3.29. This is due to the getfilesforattachment function accepting a raw attacker-controlled 'files' array when the process method returns early...
EUVD-2019-8027
Malware in sbrugna...
BIT-NEOS-2022-30429
Multiple cross-site scripting XSS vulnerabilities in Neos CMS allow attackers with the editor role or higher to inject arbitrary script or HTML code using the editor function, the deletion of assets, or a workspace title. The vulnerabilities were found in versions 3.3.29 and 8.0.1 and could also ...
Neos 跨站脚本漏洞
Neos/forms is an open source framework for building web forms. A security vulnerability exists in Neos CMS versions 3.3.29 and 8.0.1, which stems from the presence of multiple cross-site scripting vulnerabilities...
Advantech WISE-PaaS/RMM XML External Entity Injection Vulnerability
Advantech WISE-PaaS/RMM is an IoT device remote monitoring and management platform. An XML External Entity Injection XXE vulnerability exists in Advantech WISE-PaaS/RMM 3.3.29 and earlier versions. An attacker can exploit this vulnerability to obtain sensitive data...
Advantech WISE-PaaS/RMM Path Traversal Vulnerability
Advantech WISE-PaaS/RMM is an IoT device remote monitoring and management platform. A path traversal vulnerability exists in Advantech WISE-PaaS/RMM 3.3.29 and earlier versions. The vulnerability stems from failure to properly validate a user-supplied path before using it for file operations. An...