3303 matches found
Vikunja 跨站脚本漏洞
Vikunja is an open-source to-do application developed by Vikunja developers. Versions of Vikunja prior to 2.0.0 had a cross-site scripting vulnerability. This vulnerability stemmed from allowing users to upload SVG files as task attachments without cleaning the SVG content. As a result, embedded...
CVE-2025-13930
The Checkout Field Manager Checkout Manager for WooCommerce plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 7.8.5. This is due to the plugin not properly verifying that a user is authorized to delete an attachment combined with flawed guest order...
CVE-2026-25242
Gogs is an open source self-hosted Git service. Versions 0.13.4 and below expose unauthenticated file upload endpoints by default. When the global RequireSigninView setting is disabled default, any remote user can upload arbitrary files to the server via /releases/attachments and...
Xmind 安全漏洞
Xmind is a mind mapping software developed by Xmind Corporation. There is a security vulnerability in Xmind, which stems from insufficient user interface warnings when processing attachments. This vulnerability could allow remote attackers to execute arbitrary code within the current user...
CVE-2026-25242
Gogs is an open source self-hosted Git service. Versions 0.13.4 and below expose unauthenticated file upload endpoints by default. When the global RequireSigninView setting is disabled default, any remote user can upload arbitrary files to the server via /releases/attachments and...
CVE-2025-13930
The Checkout Field Manager Checkout Manager for WooCommerce plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 7.8.5. This is due to the plugin not properly verifying that a user is authorized to delete an attachment combined with flawed guest order...
CVE-2025-12081
The ACF Photo Gallery Field plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the "acfphotogalleryeditsave" function in all versions up to, and including, 3.0. This makes it possible for authenticated attackers, with subscriber level acce...
CVE-2025-13930 Checkout Field Manager (Checkout Manager) for WooCommerce <= 7.8.5 - Missing Authorization to Unauthenticated Arbitrary Attachment Deletion
The Checkout Field Manager Checkout Manager for WooCommerce plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 7.8.5. This is due to the plugin not properly verifying that a user is authorized to delete an attachment combined with flawed guest order...
CVE-2026-25242
CVE-2026-25242 (Gogs) affects Gogs, an open source self-hosted Git service. Versions 0.13.4 and earlier expose unauthenticated file upload endpoints by default. When the global RequireSigninView is disabled (default), remote users can upload arbitrary files to /releases/attachments and /issues/at...
CVE-2026-25242 Gogs allows unauthenticated file uploads
Gogs is an open source self-hosted Git service. Versions 0.13.4 and below expose unauthenticated file upload endpoints by default. When the global RequireSigninView setting is disabled default, any remote user can upload arbitrary files to the server via /releases/attachments and...
CVE-2026-25242 Gogs allows unauthenticated file uploads
Gogs is an open source self-hosted Git service. Versions 0.13.4 and below expose unauthenticated file upload endpoints by default. When the global RequireSigninView setting is disabled default, any remote user can upload arbitrary files to the server via /releases/attachments and...
CVE-2026-25242 Gogs allows unauthenticated file uploads
Gogs is an open source self-hosted Git service. Versions 0.13.4 and below expose unauthenticated file upload endpoints by default. When the global RequireSigninView setting is disabled default, any remote user can upload arbitrary files to the server via /releases/attachments and...
PT-2026-20577
Name of the Vulnerable Software and Affected Versions ACF Photo Gallery Field versions prior to 3.1 Description The ACF Photo Gallery Field plugin for WordPress has a flaw that allows unauthorized modification of data. This is due to a missing capability check within the acf photo gallery edit sa...
PT-2026-20610
Name of the Vulnerable Software and Affected Versions Checkout Manager for WooCommerce versions prior to 7.8.6 Description The Checkout Field Manager Checkout Manager for WooCommerce plugin for WordPress has an authorization issue. The plugin does not properly verify user authorization to delete...
GHSA-7VWX-582J-J332 OpenClaw MS Teams inbound attachment downloader leaks bearer tokens to allowlisted suffix domains
Summary NOTE: This only affects deployments that enable the optional MS Teams extension Teams channel. If you do not use MS Teams, you are not impacted. When OpenClaw downloads inbound MS Teams attachments / inline images, it may retry a URL with an Authorization: Bearer header after receiving 40...
Arbitrary File Upload
Overview Affected versions of this package are vulnerable to Arbitrary File Upload via the UploadIssueAttachment and UploadReleaseAttachment functions, over the /issues/attachments and /releases/attachments endpoints. This is only exploitable if the RequireSigninView setting is disabled, which it...
Unauthenticated File Upload in Gogs
Security Advisory:Unauthenticated File Upload in Gogs Vulnerability Type: Unauthenticated File Upload Date: Aug 5, 2025 Discoverer: OpenAI Security Research Summary Gogs exposes unauthenticated file upload endpoints by default. When the global RequireSigninView setting is disabled default, any...
GHSA-FC3H-92P8-H36F Unauthenticated File Upload in Gogs
Security Advisory:Unauthenticated File Upload in Gogs Vulnerability Type: Unauthenticated File Upload Date: Aug 5, 2025 Discoverer: OpenAI Security Research Summary Gogs exposes unauthenticated file upload endpoints by default. When the global RequireSigninView setting is disabled default, any...
PT-2026-23542
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.2.2 Description The software contains a server-side request forgery issue in attachment and media URL handling. This allows remote attackers to retrieve data from arbitrary HTTPS URLs. An attacker who can contro...
CVE-2026-2312
The Media Library Folders plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 8.3.6 via the deletemaxgalleriamedia and maxgalleriarenameimage functions due to missing validation on a user controlled key. This makes it possible for...