2352 matches found
WordPress plugin Bootstrap Ultimate 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...
PT-2025-2212 · WordPress · Bootstrap Ultimate
Name of the Vulnerable Software and Affected Versions: Bootstrap Ultimate theme for WordPress versions up to and including 1.4.9 Description: The issue allows unauthenticated attackers to include PHP files on the server via the path parameter, enabling the execution of any PHP code in those files...
Envoy Admin Interface Exposed through prometheus metrics endpoint
Impact A user with access to a Kubernetes cluster where Envoy Gateway is installed can use a path traversal attack to execute Envoy Admin interface commands on proxies managed by Envoy Gateway. The admin interface can be used to terminate the Envoy process and extract the Envoy configuration...
CVE-2025-24030
CVE-2025-24030 affects Envoy Gateway prior to version 1.2.6. A user with Kubernetes cluster access can perform a path traversal attack against the Envoy Admin interface to terminate the Envoy process and exfiltrate the proxy configuration (potentially containing confidential data). The issue is f...
CVE-2025-24030 Envoy Admin Interface Exposed through prometheus metrics endpoint
Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. A user with access to the Kubernetes cluster can use a path traversal attack to execute Envoy Admin interface commands on proxies managed by any version of Envoy Gateway prior...
CVE-2025-24030 Envoy Admin Interface Exposed through prometheus metrics endpoint
Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. A user with access to the Kubernetes cluster can use a path traversal attack to execute Envoy Admin interface commands on proxies managed by any version of Envoy Gateway prior...
CVE-2025-24030 Envoy Admin Interface Exposed through prometheus metrics endpoint
Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. A user with access to the Kubernetes cluster can use a path traversal attack to execute Envoy Admin interface commands on proxies managed by any version of Envoy Gateway prior...
PT-2025-5269
Name of the Vulnerable Software and Affected Versions: Envoy Gateway versions prior to 1.2.6 Description: A user with access to the Kubernetes cluster can use a path traversal attack to execute Envoy Admin interface commands on proxies managed by Envoy Gateway. The admin interface can be used to...
Drupal Flattern – Multipurpose Bootstrap Business Profile module * - Authenticated Other Vulnerability Type vulnerability
Authenticated Other Vulnerability Type vulnerability discovered by Drupal Security Site in WordPress Module Flattern – Multipurpose Bootstrap Business Profile versions...
CVE-2025-22743
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mohsin Rasool Twitter Bootstrap Collapse aka Accordian Shortcode twitter-bootstrap-collapse-aka-accordian-shortcode allows DOM-Based XSS.This issue affects Twitter Bootstrap Collapse aka Accordian...
CVE-2025-22743 WordPress Twitter Bootstrap Collapse aka Accordian Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mohsin Rasool Twitter Bootstrap Collapse aka Accordian Shortcode allows DOM-Based XSS.This issue affects Twitter Bootstrap Collapse aka Accordian Shortcode: from n/a through 1.0...
CVE-2025-22743 WordPress Twitter Bootstrap Collapse aka Accordian Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mohsin Rasool Twitter Bootstrap Collapse aka Accordian Shortcode twitter-bootstrap-collapse-aka-accordian-shortcode allows DOM-Based XSS.This issue affects Twitter Bootstrap Collapse aka Accordian...
CVE-2025-22743
CVE-2025-22743: DOM-Based XSS in Twitter Bootstrap Collapse (Accordion Shortcode). Improper input handling in Twitter Bootstrap Collapse/Accordion Shortcode allows cross-site scripting. Affected: Twitter Bootstrap Collapse aka Accordion Shortcode from n/a to 1.0. Published 2025-01-14. Connected d...
WordPress plugin Twitter Bootstrap Collapse aka Accordian Shortcode 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin Twitter Bootstrap Collapse aka Accordian...
GHSA-GJF6-3W4P-7XFH vulnerabilities
Vulnerabilities for packages: dotnet-bootstrap...
GHSA-GJF6-3W4P-7XFH vulnerabilities
Vulnerabilities for packages: dotnet-bootstrap...
GHSA-JJCV-WR2G-4RV4 vulnerabilities
Vulnerabilities for packages: dotnet-bootstrap...
GHSA-JJCV-WR2G-4RV4 vulnerabilities
Vulnerabilities for packages: dotnet-bootstrap...
GHSA-P54P-P3QM-8VGJ vulnerabilities
Vulnerabilities for packages: dotnet-bootstrap...
GHSA-P54P-P3QM-8VGJ vulnerabilities
Vulnerabilities for packages: dotnet-bootstrap...