6 matches found
DEBIAN-CVE-2026-7246
Pallets Click, versions 8.3.2 and below, contain a command injection vulnerability in the click.edit function, allowing attackers to pass arbitrary OS commands from an unprivileged account...
EUVD-2025-35522
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in xtemos WoodMart woodmart allows DOM-Based XSS.This issue affects WoodMart: from n/a through 8.3.2...
CVE-2025-49936
CVE-2025-49936: WordPress WoodMart theme
WordPress plugin WoodMart 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2021-43075
A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiWLM version 8.6.2 and below, version 8.5.2 and below, version 8.4.2 and below, version 8.3.2 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests to...
CVE-2019-8447
The ServiceExecutor resource in Jira before version 8.3.2 allows remote attackers to trigger the creation of export files via a Cross-site request forgery CSRF vulnerability...