PT-2026-3160

Name of the Vulnerable Software and Affected Versions WebsiteBaker version 2.13.0 Description WebsiteBaker version 2.13.0 has a flaw that permits authenticated users with language editing rights to execute code remotely. This is possible through manipulation of parameters within the language...

GHSA-9P44-Q66P-XM6P ProcessWire CMS vulnerable to resource-exhaustion Denial of Service

ProcessWire CMS 3.0.246 allows a low-privileged user with lang-edit to upload a crafted ZIP to Language Support that is auto-extracted without limits prior to validation, enabling resource-exhaustion Denial of Service...