38 matches found
Flowise 安全漏洞
Flowise is an open-source tool developed by FlowiseAI, designed for easily building LLM applications. Versions of Flowise prior to 3.1.2 contained security vulnerabilities. These vulnerabilities stemmed from issues with batch assignment during the creation and updating of CustomTemplates, which...
CVE-2026-44884
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8 and 2.39.1, a missing authorization vulnerability in the Custom Template file endpoint GET...
CVE-2026-44884
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8 and 2.39.1, a missing authorization vulnerability in the Custom Template file endpoint GET...
CVE-2026-44884
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8 and 2.39.1, a missing authorization vulnerability in the Custom Template file endpoint GET...
GHSA-CQPQ-2FGR-8MVC Portainer missing authorization on custom template file endpoint, which exposes template content
Summary A missing authorization vulnerability in the Custom Template file endpoint GET /api/customtemplates/id/file allows any authenticated user to read the file content of any custom template by enumerating sequential integer IDs, bypassing Resource Control access restrictions. Template files m...
EUVD-2025-17212
Malicious code in bioql PyPI...
EUVD-2021-29613
Malicious code in bioql PyPI...
WordPress Post Custom Templates Lite plugin <= 1.14 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Post Custom Templates Lite versions = 1.14...
Linux Distros Unpatched Vulnerability : CVE-2023-3399
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab EE affecting all versions starting from 11.6 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions...
CVE-2025-30942
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in OTWthemes Post Custom Templates Lite post-custom-templates-lite allows Stored XSS.This issue affects Post Custom Templates Lite: from n/a through = 1.14...
CVE-2025-30942
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in OTWthemes Post Custom Templates Lite post-custom-templates-lite allows Stored XSS.This issue affects Post Custom Templates Lite: from n/a through = 1.14...
CVE-2025-30942 WordPress Post Custom Templates Lite plugin <= 1.14 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in OTWthemes Post Custom Templates Lite post-custom-templates-lite allows Stored XSS.This issue affects Post Custom Templates Lite: from n/a through = 1.14...
CVE-2025-30942 WordPress Post Custom Templates Lite plugin <= 1.14 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in OTWthemes Post Custom Templates Lite post-custom-templates-lite allows Stored XSS.This issue affects Post Custom Templates Lite: from n/a through = 1.14...
CVE-2025-30942
CVE-2025-30942 is a stored XSS vulnerability in OTWthemes’ WordPress plugin Post Custom Templates Lite . The description cites Improper Neutralization of Input During Web Page Generation as the root cause, enabling cross-site scripting via input handled by the plugin. Affected versions are listed...
WordPress plugin Post Custom Templates Lite 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabili...
PT-2025-24168 · Otwthemes · Otwthemes Post Custom Templates Lite
Name of the Vulnerable Software and Affected Versions: OTWthemes Post Custom Templates Lite versions 1.14 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for Stored Cross-site Scripting XSS. This means that an attacker can...
Authoring Custom Spin Templates
Learn how to create, distribute, and install custom templates for Spin CLI to boost developer productivity and meet regulatory compliance...
CVE-2025-31767
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in OTWthemes Post Custom Templates Lite post-custom-templates-lite allows Stored XSS.This issue affects Post Custom Templates Lite: from n/a through = 1.14...
CVE-2025-31767
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in OTWthemes Post Custom Templates Lite post-custom-templates-lite allows Stored XSS.This issue affects Post Custom Templates Lite: from n/a through = 1.14...
WordPress plugin Post Custom Templates Lite 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabili...