WordPress plugin Gutenify 跨站脚本漏洞

WordPress Gutenify plugin is a free visual site builder for WordPress that provides Full Site Edit FSE functionality to help users quickly build websites with preset blocks and templates. WordPress Gutenify plugin suffers from a cross-site scripting vulnerability that stems from the application's...

EUVD-2025-25375

Malicious code in bioql PyPI...

PT-2025-1665 · WordPress · Borderless – Widgets

Name of the Vulnerable Software and Affected Versions: Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress versions up to, and including, 1.5.9 Description: The issue is related to Remote Code Execution due to a lack of sanitization on an imported...

HashiCorp go-getter 安全漏洞

HashiCorp go-getter is a library for Go golang from HashiCorp, USA, used to download files or directories from various sources using URLs as the primary form of input. A security vulnerability exists in HashiCorp go-getter versions 1.5.9 through 1.7.3 that stems from vulnerability to parameter...

CVE-2021-32923

HashiCorp Vault and Vault Enterprise allowed the renewal of nearly-expired token leases and dynamic secret leases specifically, those within 1 second of their maximum TTL, which caused them to be incorrectly treated as non-expiring during subsequent use. Fixed in 1.5.9, 1.6.5, and 1.7.2...

FreePlane XML External Entity Injection Vulnerability

FreePlane is a set of free open source mind mapping tools. mindmap loader is one of the mind map loader. XML Parser is one of the XML file parser. An XML external entity injection vulnerability exists in the XML Parser of the mindmap loader in FreePlane 1.5.9 and earlier versions. An attacker can...