EUVD-2025-206857

An issue in ChestnutCMS v.1.5.8 and before allows a remote attacker to execute arbitrary code via the template creation function...

CVE-2025-70073

Summary: CVE-2025-70073 affects ChestnutCMS versions prior to 1.5.9. The issue enables a remote attacker to execute arbitrary code through the template creation function. The provided sources explicitly describe vulnerable software versions (ChestnutCMS v1.5.8 and earlier) and cite a template cre...

WordPress plugin Sale! Immigration law, Visa services support, Migration Agent Consulting 安全漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugin Sale...

ChestnutCMS 路径遍历漏洞

ChestnutCMS is a front-end and back-end separated enterprise-level content management system by liweiyi individual developer. A path traversal vulnerability exists in ChestnutCMS 1.5.8 and earlier versions, which stems from incorrect manipulation of the parameter path in the file...

PT-2025-1528 · WordPress · Wp Cta Pro

Name of the Vulnerable Software and Affected Versions: WP CTA PRO WordPress CTA versions 1.5.8 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploitation of incorrectly configured access control security levels. Recommendations: For versions...

PT-2024-12001 · Unknown · Clever Widgets Enhanced Text Widget

Name of the Vulnerable Software and Affected Versions: Clever Widgets Enhanced Text Widget versions 1.5.8 and earlier Description: The issue is related to a Missing Authorization vulnerability in the Enhanced Text Widget, which allows exploiting incorrectly configured access control security...

CVE-2024-54211

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Visualmodo Borderless allows Cross-Site Scripting XSS.This issue affects Borderless: from n/a through 1.5.8...

WordPress Acowebs Product Labels For Woocommerce plugin <= 1.5.8 - SQL Injection vulnerability

SQL Injection vulnerability discovered by tahu.datar Patchstack Alliance in WordPress Plugin Product Labels For Woocommerce versions = 1.5.8...

PT-2023-14157 · Unknown · Shambix Simple Csv/Xls Exporter

Name of the Vulnerable Software and Affected Versions: Shambix Simple CSV/XLS Exporter versions 1.5.8 and earlier Description: The issue is related to the improper neutralization of formula elements in a CSV file. This can potentially lead to unintended consequences when importing or processing t...

CVE-2023-22694

Cross-Site Request Forgery CSRF vulnerability in Arian Khosravi, Norik Davtian BigContact Contact Page plugin = 1.5.8 versions...

EKAKIN Shihonkanri Plus GOOUT Input Validation Error Vulnerability

EKAKIN Shihonkanri Plus GOOUT is a CGI Common Gateway Interface from EKAKIN Japan. An input validation error vulnerability exists in EKAKIN shihonkanri Plus GOOUT versions 1.5.8 and 2.2.10. The vulnerability originates from a network system or product that does not properly validate incoming data...