17 matches found
PT-2026-32087
Name of the Vulnerable Software and Affected Versions The GreenShift - Animation and Page Builder Blocks plugin for WordPress versions up to and including 12.8.9 Description The GreenShift - Animation and Page Builder Blocks plugin for WordPress is susceptible to Stored Cross-Site Scripting due t...
WordPress plugin GreenShift - Animation and Page Builder Blocks 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
CVE-2026-2593 Greenshift – animation and page builder blocks <= 12.8.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the gspbpostcss post meta value and the dynamicAttributes block attribute in all versions up to, and including, 12.8.5 due to insufficient input sanitization and output escapin...
PT-2026-23519
Name of the Vulnerable Software and Affected Versions Greenshift – animation and page builder blocks plugin for WordPress versions through 12.8.5 Description The Greenshift plugin for WordPress is susceptible to Stored Cross-Site Scripting. The issue stems from inadequate input sanitization and...
SolarWinds Web Help Desk < 12.8.3 - Insecure Deserialization
SolarWinds Web Help Desk before version 12.8.3 contain a critical Java deserialization vulnerability that enables remote code execution. Attackers can exploit this flaw to execute arbitrary commands on the host machine. Initially reported as unauthenticated, SolarWinds was unable to reproduce...
CVE-2025-63073
The CVE-2025-63073 entry concerns the WordPress Dream-Theme The7 (dt-the7) WordPress theme up to version 12.8.0.2, with a DOM-based XSS caused by improper input neutralization during web page generation. The issue affects The7 versions
CVE-2025-63073 WordPress The7 theme < 12.9.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Dream-Theme The7 dt-the7 allows DOM-Based XSS.This issue affects The7: from n/a through 12.9.0...
WatchGuard Fireware OS 安全漏洞
WatchGuard Fireware OS is a software from WatchGuard USA that runs on Firebox. A security vulnerability exists in WatchGuard Fireware OS versions 12.8.1 through 12.11.4 and 2025.1 through 2025.1.2, which stems from an expected behavior violation that could result in bypassing system integrity...
SolarWinds Web Help Desk 代码问题漏洞
SolarWinds Web Help Desk is a suite of help desk and asset management software from US-based SolarWinds. The software supports centralized knowledge base, IT asset management, project and task management, and other features. A code issue vulnerability exists in SolarWinds Web Help Desk version...
SeaCMS Security Vulnerability
SeaCMS is a free and open source web content management system written in PHP. The system is primarily designed to manage video-on-demand resources. A security vulnerability exists in SeaCMS version v.12.8, which originates from allowing an attacker to execute arbitrary code via the...
CVE-2023-43278
A Cross-Site Request Forgery CSRF in adminmanager.php of Seacms up to v12.8 allows attackers to arbitrarily add an admin account...
MiniTool Partition Wizard Trust Management Issue Vulnerability
MiniTool Partition Wizard is a partition manager for home and home office users from MiniTool Canada. A security vulnerability exists in MiniTool Partition Wizard version 12.8, which originates from a vulnerability that allows an attacker to achieve remote code execution via a man-in-the-middle...
CVE-2022-24236
An insecure permissions vulnerability in Snapt Aria v12.8 allows unauthenticated attackers to send e-mails from spoofed users' accounts...
Snapt Aria 跨站请求伪造漏洞
Snapt Aria is an enterprise ADC solution from Snapt USA that provides a load balancer, web gas pedal, web application firewall WAF, global server load balancer GSLB, etc. A cross-site request forgery vulnerability exists in Snapt Aria version 12.8, which stems from a WEB application that does not...
GitLab安全漏洞
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. An access control error vulnerability exists in GitLab...
GitLab path traversal vulnerability (CNVD-2020-29843)
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab Enterprise...
GitLab Domain Restriction Bypass Vulnerability
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab version 12.8.x...