CVE-2026-27043

Unrestricted Upload of File with Dangerous Type vulnerability in ThemeGoods Photography allows Path Traversal.This issue affects Photography: from n/a before 7.7.6...

CVE-2026-27043

CVE-2026-27043 affects the WordPress Photography theme (ThemeGoods Photography). The vulnerability is described as an authenticated (Editor+) Arbitrary File Upload vulnerability that arises in Photography versions up to 7.7.5, with public notes indicating exposure risk and path traversal implicat...

PT-2026-26294

CVE-2026-27043 Unrestricted Upload of File with Dangerous Type vulnerability in ThemeGoods Photography allows Path Traversal.This issue affects Photography: from n/a through 7.7.5. https://t.co/2aaKvB4qZZ...

WordPress Photography theme < 7.7.6 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Phat RiO in WordPress Theme Photography versions 7.7.6...

WordPress plugin “Photography” security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There wa...

WordPress plugin LifterLMS SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security...

WordPress LifterLMS Plugin <= 7.7.5 is vulnerable to SQL Injection

Software LifterLMS Type Plugin Vulnerable versions = 7.7.5 Fixed in 7.7.6 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-7349 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 171b245559b0 Credits FKSEC Required privilege Administrator Published 6...

WordPress The Post Grid Plugin <= 7.7.4 is vulnerable to Broken Access Control

Software The Post Grid Type Plugin Vulnerable versions = 7.7.4 Fixed in 7.7.5 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-37482 Patch priority Low CVSS severity Low 4.3 Developer Mamunur Rashid PSID cde94030335f Credits Rafie Muhammad Patchstack Requir...

CVE-2021-42643

cmseasy V7.7.520211012 is affected by an arbitrary file write vulnerability. Through this vulnerability, a PHP script file is written to the website server, and accessing this file can lead to a code execution vulnerability...

Cross site scripting

Various resources in Atlassian Jira before version 7.6.8, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3 and before version 7.11.1 allow remote attackers to inject arbitrary HTML ...