120 matches found
gotham-recon
Documentation Complete du Systeme d'Agents CrewAI Guide t...
WordPress Gotham Block Extra Light plugin cross-site scripting vulnerability
The WordPress Gotham Block Extra Light plugin is a tool for detecting if ad blocking software such as AdBlock is enabled in a visitor's browser. The WordPress Gotham Block Extra Light plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective...
WordPress Gotham Block Extra Light plugin path traversal vulnerability
The WordPress Gotham Block Extra Light plugin is a tool for detecting if ad blocking software such as AdBlock is enabled in a visitor's browser. A path traversal vulnerability exists in the WordPress Gotham Block Extra Light plugin, which stems from the mishandling of the ghostban shortcode, and...
CVE-2025-15020
The Gotham Block Extra Light plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.5.0 via the 'ghostban' shortcode. This makes it possible for authenticated attackers, with contributor-level access and above, to read the contents of arbitrary files on...
WordPress Gotham Block Extra Light plugin <= 1.5.0 - Authenticated (Contributor+) Arbitrary File Read via 'ghostban' Shortcode vulnerability
Authenticated Contributor+ Arbitrary File Read via 'ghostban' Shortcode vulnerability discovered by 0x34rth in WordPress Plugin Gotham Block Extra Light versions = 1.5.0...
CVE-2025-15020
The Gotham Block Extra Light plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.5.0 via the 'ghostban' shortcode. This makes it possible for authenticated attackers, with contributor-level access and above, to read the contents of arbitrary files on...
CVE-2025-15021
The Gotham Block Extra Light plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...
CVE-2025-15021 Gotham Block Extra Light <= 1.5.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin Settings
The Gotham Block Extra Light plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...
CVE-2025-15021 Gotham Block Extra Light <= 1.5.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin Settings
The Gotham Block Extra Light plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...
CVE-2025-15021
The CVE-2025-15021 entry concerns the WordPress Gotham Block Extra Light plugin. A stored XSS vulnerability exists in admin settings for all versions up to 1.5.0, caused by insufficient input sanitization and output escaping. Authenticated attackers with administrator-level permissions (and above...
CVE-2025-15020 Gotham Block Extra Light <= 1.5.0 - Authenticated (Contributor+) Arbitrary File Read via 'ghostban' Shortcode
The Gotham Block Extra Light plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.5.0 via the 'ghostban' shortcode. This makes it possible for authenticated attackers, with contributor-level access and above, to read the contents of arbitrary files on...
CVE-2025-15020 Gotham Block Extra Light <= 1.5.0 - Authenticated (Contributor+) Arbitrary File Read via 'ghostban' Shortcode
The Gotham Block Extra Light plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.5.0 via the 'ghostban' shortcode. This makes it possible for authenticated attackers, with contributor-level access and above, to read the contents of arbitrary files on...
CVE-2025-15020
CVE-2025-15020 affects the WordPress plugin Gotham Block Extra Light
WordPress plugin Gotham Block Extra Light 跨站脚本漏洞
The WordPress Gotham Block Extra Light plugin is a tool for detecting if ad blocking software such as AdBlock is enabled in a visitor's browser. The WordPress Gotham Block Extra Light plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective...
WordPress plugin Gotham Block Extra Light 路径遍历漏洞
The WordPress Gotham Block Extra Light plugin is a tool for detecting if ad blocking software such as AdBlock is enabled in a visitor's browser. A path traversal vulnerability exists in the WordPress Gotham Block Extra Light plugin, which stems from the mishandling of the ghostban shortcode, and...
PT-2026-2821
The Gotham Block Extra Light plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...
WordPress Gotham Block Extra Light plugin <= 1.5.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via plugin Settings vulnerability
Authenticated Administrator+ Stored Cross-Site Scripting via plugin Settings vulnerability discovered by 0x34rth in WordPress Plugin Gotham Block Extra Light versions = 1.5.0...
Palantir Gotham和Palantir Dossier 安全漏洞
Palantir Gotham and Palantir Dossier are both products of Palantir Corporation, a U.S.-based company.Palantir Gotham is a commercially available, artificial intelligence-enabled operating system.Palantir Dossier is a writing survey and dynamic reporting tool. A security vulnerability exists in...
CVE-2023-30971
Gotham Gaia application was found to be exposing multiple unauthenticated endpoints...
CVE-2024-49587
Glutton V1 service endpoints were exposed without any authentication on Gotham stacks, this could have allowed users that did not have any permission to hit glutton backend directly and read/update/delete data. The affected service has been patched and automatically deployed to all Apollo-managed...