WordPress Modula plugin 2.13.1-2.13.2 - Authenticated (Author+) Arbitrary File Deletion vulnerability

Authenticated Author+ Arbitrary File Deletion vulnerability discovered by ISMAILSHADOW in WordPress Plugin Modula Image Gallery versions 2.13.1-2.13.2...

CVE-2025-13646 Modula 2.13.1 - 2.13.2 - Authenticated (Author+) Arbitrary File Upload via Race Condition

The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'ajaxunzipfile' function in versions 2.13.1 to 2.13.2. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files...

WordPress plugin Modula Image Gallery 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...

WordPress plugin HurryTimer 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

Jenkins Plugin Pipeline Utility Steps 路径遍历漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A path traversal...

PT-2021-12008 · Jansson +1 · Jansson +1

Name of the Vulnerable Software and Affected Versions: Jansson versions through 2.13.1 Description: An issue was discovered due to a parsing error in json loads, resulting in an out-of-bounds read-access bug. This issue only occurs when a programmer fails to follow the API specification...

ai.eto:rikai_2.12 (>=0.0.2 <=0.0.12), at.willhaben.willtest:core (=3.1.1) +774 more potentially affected by CVE-2020-9488 via org.apache.logging.log4j:log4j-core (>=2.13.0 <=2.13.1)

org.apache.logging.log4j:log4j-core MAVEN version =2.13.0, =0.0.2, =2.0, =1.4.5, =1.4.5, =1.4.6, =00.01.02, =00.00.01, =00.02.29, =01.01.05 and more Source cves: CVE-2020-9488 Source advisory: OSV:GHSA-VWQQ-5VRC-XW9H...