2405 matches found
ASB-A-305695605
In multiple locations, there is a possible way to launch an activity from the background due to BAL Bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
BIT-GITLAB-2025-0290 Loop with Unreachable Exit Condition ('Infinite Loop') in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.0 prior to 17.5.5, from 17.6 prior to 17.6.3, and from 17.7 prior to 17.7.1. Under certain conditions, processing of CI artifacts metadata could cause background jobs to become unresponsive...
CVE-2025-0290
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.0 prior to 17.5.5, from 17.6 prior to 17.6.3, and from 17.7 prior to 17.7.1. Under certain conditions, processing of CI artifacts metadata could cause background jobs to become unresponsive...
UBUNTU-CVE-2025-0290
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.0 prior to 17.5.5, from 17.6 prior to 17.6.3, and from 17.7 prior to 17.7.1. Under certain conditions, processing of CI artifacts metadata could cause background jobs to become unresponsive...
CVE-2025-0290
CVE-2025-0290 affects GitLab CE/EE since 15.0 up to but not including 17.5.5, from 17.6 up to 17.6.3, and from 17.7 up to 17.7.1. Under certain conditions, processing of CI artifacts metadata could cause background jobs to become unresponsive. The connected sources indicate fixed versions: upgrad...
GitLab Community Edition和GitLab Enterprise Edition 安全漏洞
GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition is a content management system. A security vulnerability exists in GitLab Community Edition and GitLab Enterprise...
CVE-2025-23948
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Webarea Background animation blocks background-animation-blocks allows PHP Local File Inclusion.This issue affects Background animation blocks: from n/a through = 2.1.5...
CVE-2025-23948 WordPress Background animation blocks Plugin <= 2.1.5 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Webarea Background animation blocks background-animation-blocks allows PHP Local File Inclusion.This issue affects Background animation blocks: from n/a through = 2.1.5...
CVE-2025-23948
CVE-2025-23948 – Background animation blocks (WordPress plugin) is an active vulnerability caused by improper control of filenames in PHP include/require statements, enabling unauthenticated PHP Local File Inclusion. Affected component: Background animation blocks; affected versions: up to 2.1.5 ...
CVE-2025-23948 WordPress Background animation blocks Plugin <= 2.1.5 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Webarea Background animation blocks background-animation-blocks allows PHP Local File Inclusion.This issue affects Background animation blocks: from n/a through = 2.1.5...
WordPress plugin Background animation blocks 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in th...
PT-2025-5225 · Unknown · Webarea Background Animation Blocks
Name of the Vulnerable Software and Affected Versions: WebArea Background animation blocks versions 2.1.5 and earlier Description: The issue is related to improper control of filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local...
CVE-2025-23573
Cross-Site Request Forgery CSRF vulnerability in sammyb WP Background Tile wp-background-tile allows Stored XSS.This issue affects WP Background Tile: from n/a through = 1.0...
CVE-2025-23573 WordPress WP Background Tile plugin <= 1.0 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in sammyb WP Background Tile wp-background-tile allows Stored XSS.This issue affects WP Background Tile: from n/a through = 1.0...
CVE-2025-23573
CVE-2025-23573 is a Cross-Site Request Forgery (CSRF) vulnerability in the WP Background Tile plugin that allows Stored XSS. Affected: WP Background Tile from n/a through version 1.0. Red Hat and other connected documents corroborate the CSRF-to-Stored-XSS nature but do not provide additional tec...
WordPress Editor Wysiwyg Background Color plugin <= 1.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Mika in WordPress Plugin Editor Wysiwyg Background Color versions = 1.0...
WordPress Background animation blocks Plugin <= 2.1.5 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by LVT-tholv2k in WordPress Plugin Background animation blocks versions = 2.1.5...
WordPress WP Background Tile plugin <= 1.0 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by SOPROBRO in WordPress Plugin WP Background Tile versions = 1.0...
PT-2025-4947 · WordPress · Wp Background Tile
Name of the Vulnerable Software and Affected Versions: WP Background Tile versions n/a through 1.0 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web...
WordPress plugin WP Background Tile 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...