2 matches found
CVE-2025-54793 Astro: Duplicate trailing slash feature can lead to Open Redirects
Astro is a web framework for content-driven websites. In versions 5.2.0 through 5.12.7, there is an Open Redirect vulnerability in the trailing slash redirection logic when handling paths with double slashes. This allows an attacker to redirect users to arbitrary external domains by crafting URLs...
PT-2023-16613 · WordPress · Shortcodes Ultimate
Name of the Vulnerable Software and Affected Versions: WordPress Shortcodes Plugin — Shortcodes Ultimate versions prior to 5.12.8 Description: The issue allows any authenticated users, such as subscribers, to retrieve arbitrary user meta, excluding the user pass, via the user shortcode. This...