CVE-2025-12813

The Holiday class post calendar plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 7.1 via the 'contents' parameter. This is due to a lack of sanitization of user-supplied data when creating a cache file. This makes it possible for unauthenticated...

CVE-2025-12813 Holiday class post calendar <= 7.1 - Unauthenticated Remote Code Execution via 'contents'

The Holiday class post calendar plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 7.1 via the 'contents' parameter. This is due to a lack of sanitization of user-supplied data when creating a cache file. This makes it possible for unauthenticated...

Slackware 7.07.18.0 - Manual Page Cache File Creation

Slackware 7.07.18.0 - Manual Page Cache File Creation // source: https://www.securityfocus.com/bid/3054/info Slackware Linux contains a configuration error that enables local users to create files in the directory used by the system manual pager 'man' for cache files. Due to the behaviour of the...

Slackware 7.0/7.1/8.0 - Manual Page Cache File Creation

// source: https://www.securityfocus.com/bid/3054/info Slackware Linux contains a configuration error that enables local users to create files in the directory used by the system manual pager 'man' for cache files. Due to the behaviour of the 'man' program, it may be possible for an attacker to...