10 matches found
PT-2025-49881
CVE-2025-66534 Missing Authorization vulnerability in Elated-Themes The Aisle theaisle allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The… https://t.co/IXrQrHN57i...
CVE-2025-60228 WordPress Knowledge Base theme <= 2.9 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in designthemes Knowledge Base kbase allows Object Injection.This issue affects Knowledge Base: from n/a through = 2.9...
CVE-2025-60228 WordPress Knowledge Base theme <= 2.9 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in designthemes Knowledge Base kbase allows Object Injection.This issue affects Knowledge Base: from n/a through = 2.9...
PT-2025-38855
Name of the Vulnerable Software and Affected Versions SmartDataSoft DriCub versions through 2.9 Description A Server-Side Request Forgery SSRF issue exists in SmartDataSoft DriCub. This allows for Server Side Request Forgery. The vulnerability allows an attacker to make requests on behalf of the...
WordPress plugin PowerPack Elementor Addons 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
PT-2024-39445 · WordPress · Qs Dark Mode Plugin
Name of the Vulnerable Software and Affected Versions: QS Dark Mode Plugin for WordPress versions up to, and including, 2.9 Description: The QS Dark Mode Plugin for WordPress has a Stored Cross-Site Scripting issue via SVG file uploads due to insufficient input sanitization and output escaping...
CVE-2023-6120
The Welcart e-Commerce plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.9.6 via the uploadcertificatefile function. This makes it possible for administrators to upload .pem or .crt files to arbitrary locations on the server...
org.apache.pulsar:pulsar-server-distribution (>=2.9.0 <=2.9.2) potentially affected by CVE-2022-33683 via org.apache.pulsar:pulsar-proxy (>=2.9.0 <=2.9.2)
org.apache.pulsar:pulsar-proxy MAVEN version =2.9.0, =2.9.0, =2.9.2 Source cves: CVE-2022-33683 Source advisory: OSV:GHSA-J3QW-G67Q-7M64...
Cisco Common Services Platform Collector 跨站脚本漏洞
Cisco Common Services Platform Collector CSPC is a common services platform data collector from Cisco USA. The product analyzes network performance and identifies risks and vulnerabilities by polling basic inventory and configuration data from Cisco devices.Cisco Common Services Platform Collecto...
CVE-2017-10344
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications subcomponent: Import/Export. Supported versions that are affected are 2.8 and 2.9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...