3 matches found
CVE-2025-58840
CVE-2025-58840 refers to the WordPress plugin Custom Team Manager (versions up to 2.4.2). The vulnerability is a stored XSS due to improper input neutralization during web page generation. The Wordfence/WP plugin data show patch status as Unpatched for 2.4.2, with references indicating the issue ...
WordPress plugin TablePress 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...
Magento vulnerable to file upload attack
Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an improper input validation vulnerability. An attacker with admin privileges could upload a specially crafted file in the 'pub/media directory could lead to remote code execution...