2 matches found
CVE-2025-35112
Agiloft Release 28 contains an XML External Entities vulnerability in any table that allows 'import/export', allowing an authenticated attacker to import the template file and perform path traversal on the local system files. Users should upgrade to Agiloft Release 31...
WordPress Multi Plugin Installer Plugin <= 1.1.0 - Local File Traversal
Because of this vulnerability, unauthenticated attackers can read arbitrary files. Solution Update the plugin...