4 matches found
CVE-2025-68733
CVE-2025-68733 is a Linux kernel vulnerability in the SMACK labeling feature. The issue allowed an unprivileged task that relabels itself (when /smack/relabel-self is non-empty) to create new labels by writing names into /proc/PID/attr/smack/current. Root cause: do_setattr() imported the provided...
EUVD-2025-203186
The Custom Post Type UI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'label' parameter during custom post type import in all versions up to, and including, 1.18.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2025-14056
The Custom Post Type UI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'label' parameter during custom post type import in all versions up to, and including, 1.18.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2025-14056
The Custom Post Type UI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'label' parameter during custom post type import in all versions up to, and including, 1.18.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...