CVE-2026-44837

viewcomponent is a framework for building reusable, testable, and encapsulated view components in Ruby on Rails. From 3.0.0 to 4.9.0, the system test entrypoint canonicalizes a user-controlled file path with File.realpath, then checks whether the resolved path starts with the temp directory path...

WordPress which template file Plugin <= 4.8.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software which template file Type Plugin Vulnerable versions = 4.8.0 Fixed in 4.9.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-45753 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID fcfddfa64850 Credits yuyudhn Require...