3 matches found
CVE-2025-54704
CVE-2025-54704 is a DOM-based XSS vulnerability in the WordPress plugin Easy Elementor Addons (versions up to 2.2.6). The root cause is improper neutralization of user input during web page generation, enabling DOM-based cross-site scripting. Public sources confirm affected software as Easy Eleme...
cc.cc4414:cc-spring-cloud-starter-gateway (=0.8.0), cn.acyou:leo-gateway (>=1.0.0.RELEASE <=1.1.1.RELEASE) +95 more potentially affected by CVE-2025-41235 via org.springframework.cloud:spring-cloud-gateway-server (>=2.2.6.RELEASE <=3.1.1)
org.springframework.cloud:spring-cloud-gateway-server MAVEN version =2.2.6.RELEASE, =1.0.0.RELEASE, =1.1.0, =8.1.0.286, =8.1.0.286, =2.0.1, =1.1.93, =1.1.121 - cn.sunxiansheng:common-cloud-gateway-starter =1.0.0 and more Source cves: CVE-2025-41235 Source advisory: OSV:GHSA-6J2Q-C73V-97C5...
CVE-2023-32297
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in LWS LWS Affiliation allows PHP Local File Inclusion.This issue affects LWS Affiliation: from n/a through 2.2.6...