CVE-2025-69619

A path traversal in My Text Editor v1.6.2 allows attackers to cause a Denial of Service DoS via writing files to the internal storage...

Malicious code in conp-dats-editor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector adac2b3e811707a0113ec1484330ebada12a632966c81143eab49233e87cabbf The package conp-dats-editor was found to contain malicious code. Source: ossf-package-analysis...

MAL-2026-772 Malicious code in conp-dats-editor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector adac2b3e811707a0113ec1484330ebada12a632966c81143eab49233e87cabbf The package conp-dats-editor was found to contain malicious code. Source: ossf-package-analysis...

CVE-2026-1246

The ShortPixel Image Optimizer plugin for WordPress is vulnerable to Arbitrary File Read via path traversal in the 'loadFile' parameter in all versions up to, and including, 6.4.2 due to insufficient path validation and sanitization in the 'loadLogFile' AJAX action. This makes it possible for...

CVE-2026-1268

The Dynamic Widget Content plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the widget content field in the Gutenberg editor sidebar in all versions up to, and including, 1.3.6 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes ...

CVE-2026-1268 Dynamic Widget Content <= 1.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Widget Content Field

The Dynamic Widget Content plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the widget content field in the Gutenberg editor sidebar in all versions up to, and including, 1.3.6 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes ...

CVE-2026-1268

The Dynamic Widget Content plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the widget content field in the Gutenberg editor sidebar in all versions up to, and including, 1.3.6 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes ...

EUVD-2026-5540

The Dynamic Widget Content plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the widget content field in the Gutenberg editor sidebar in all versions up to, and including, 1.3.6 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes ...

CVE-2026-1246

The ShortPixel Image Optimizer plugin for WordPress is vulnerable to Arbitrary File Read via path traversal in the 'loadFile' parameter in all versions up to, and including, 6.4.2 due to insufficient path validation and sanitization in the 'loadLogFile' AJAX action. This makes it possible for...

EUVD-2026-5545

The ShortPixel Image Optimizer plugin for WordPress is vulnerable to Arbitrary File Read via path traversal in the 'loadFile' parameter in all versions up to, and including, 6.4.2 due to insufficient path validation and sanitization in the 'loadLogFile' AJAX action. This makes it possible for...

CVE-2026-25510

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.28.5.0, an authenticated user with file editor permissions can achieve Remote Code Execution RCE by leveraging the file creation and sav...

CVE-2025-69619

A concrete CVE entry CVE-2025-69619 describes a path traversal vulnerability in My Text Editor v1.6.2 that can cause a Denial of Service by writing files to internal storage. The issue stems from path traversal in the editor’s handling of file paths, allowing manipulation to access/modify files o...

CVE-2025-69619

A path traversal in My Text Editor v1.6.2 allows attackers to cause a Denial of Service DoS via writing files to the internal storage...

CVE-2025-69619

A path traversal in My Text Editor v1.6.2 allows attackers to cause a Denial of Service DoS via writing files to the internal storage...

PT-2026-6032

Name of the Vulnerable Software and Affected Versions ShortPixel Image Optimizer plugin for WordPress versions prior to 6.4.3 Description The ShortPixel Image Optimizer plugin for WordPress is susceptible to unauthorized file access through a path traversal flaw. This issue stems from inadequate...

EUVD-2025-206859

A path traversal in My Text Editor v1.6.2 allows attackers to cause a Denial of Service DoS via writing files to the internal storage...

PT-2026-6594

Name of the Vulnerable Software and Affected Versions My Text Editor version 1.6.2 Description A path traversal issue exists in My Text Editor version 1.6.2. This can allow attackers to cause a Denial of Service DoS by writing files to the internal storage. The issue involves manipulating file...

CVE-2025-69619

A path traversal in My Text Editor v1.6.2 allows attackers to cause a Denial of Service DoS via writing files to the internal storage...

zipperapp My Text Editor 安全漏洞

Zipperapp My Text Editor is an Android text editor developed by the South Korean company zipperapp. Version 1.6.2 of Zipperapp My Text Editor contains a security vulnerability caused by path traversal attacks. Attackers can exploit this vulnerability by writing files to internal storage, leading ...

Notepad++ Users, You May Have Been Hacked by China

Suspected Chinese state-backed hackers hijacked the Notepad++ update infrastructure to deliver a backdoored version of the popular free source code editor and note-taking app for Windows...