7 matches found
WordPress Loco Translate plugin <= 2.8.2 - Authenticated (Translator+) Path Traversal to Limited File Read vulnerability
Authenticated Translator+ Path Traversal to Limited File Read vulnerability discovered by shark3y in WordPress Plugin Loco Translate versions = 2.8.2...
CVE-2025-11738 Media Library Assistant <= 3.29 - Unauthenticated Limited File Read
The Media Library Assistant plugin for WordPress is vulnerable to limited file reading in all versions up to, and including, 3.29 via the mla-stream-image.php file. This makes it possible for unauthenticated attackers to read the contents of arbitrary ai/eps/pdf/ps files on the server, which can...
CVE-2025-11738 Media Library Assistant <= 3.29 - Unauthenticated Limited File Read
The Media Library Assistant plugin for WordPress is vulnerable to limited file reading in all versions up to, and including, 3.29 via the mla-stream-image.php file. This makes it possible for unauthenticated attackers to read the contents of arbitrary ai/eps/pdf/ps files on the server, which can...
CVE-2025-11738
CVE-2025-11738 affects the WordPress Media Library Assistant plugin (versions up to 3.29). The vulnerability allows unauthenticated attackers to read arbitrary ai/eps/pdf/ps files on the server via mla-stream-image.php, exposing sensitive information. Wordfence’s vulnerability briefing confirms a...
Adobe ColdFusion Server-Side Request Forgery Vulnerability
Adobe ColdFusion is the United States Odo than Adobe company's set of rapid application development platform. The platform includes an integrated development environment and scripting language. Adobe ColdFusion has a server-side request forgery vulnerability that can be exploited by an attacker t...
CVE-2025-54234
CVE-2025-54234 affects Adobe ColdFusion: SSRF allows a high-privilege authenticated attacker to cause the application to fetch arbitrary URLs, potentially enabling a limited file system read. Affected versions include ColdFusion 2025.1, 2023.13, 2021.19 and earlier; exploitation requires no user ...
Adobe ColdFusion 代码问题漏洞
Adobe ColdFusion is the United States Odo than Adobe company's set of rapid application development platform. The platform includes an integrated development environment and scripting language. Adobe ColdFusion has a server-side request forgery vulnerability that can be exploited by an attacker t...