OpenClaw Server-Side Request Forgery Vulnerability

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a server-side request forgery vulnerability that stems from a server-side request forgery vulnerability in QQBot direct media uploads that skips URL authentication. An attacker can exploit this...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the currentDirectory parameter in the media upload process. An attacker can achieve arbitrary code execution and full server compromise by uploading a crafted file containing executable code to a location outside...

AzuraCast has Path Traversal in `currentDirectory` Parameter that Enables Remote Code Execution via Media Upload

Summary The currentDirectory request parameter in the Flow.js media upload endpoint POST /api/station/stationid/files/upload is not sanitized for path traversal sequences. When combined with a local filesystem storage backend the default, an authenticated user with media management permissions ca...

CVE-2026-25133

October is a Content Management System CMS and web platform. Versions prior to 3.7.14 and 4.1.10 contain a stored cross-site scripting XSS vulnerability in the SVG sanitization logic. The regex pattern used to strip event handler attributes such as onclick or onload could be bypassed using a...

Unspecified Vulnerability in WordPress Plugin Listeo Core

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugin Listeo Core, which stems from a lack of...

CVE-2025-14938

The Listeo Core plugin for WordPress is vulnerable to unauthenticated arbitrary media upload in all versions up to, and including, 2.0.27 via the "listeocorehandledroppedmedia" function. This is due to missing authorization and capability checks on the AJAX endpoint handling file uploads. This...

WordPress plugin Listeo Core 代码问题漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugin Listeo Core, which stems from a lack of...

CVE-2026-28791

Tina is a headless content management system. Prior to 2.1.7, a path traversal vulnerability exists in the TinaCMS development server's media upload handler. The code at media.ts joins user-controlled path segments using path.join without validating that the resulting path stays within the intend...

CVE-2026-1103 AIKTP <= 5.0.04 - Missing Authorization to Authenticated (Subscriber+) Multiple Administrator Actions

The AIKTP plugin for WordPress is vulnerable to unauthorized modification of data due to missing authorization checks on the /aiktp/getToken REST API endpoint in all versions up to, and including, 5.0.04. The endpoint uses the 'verifyuserloggedin' as a permission callback, which only checks if a...

CVE-2005-1450

Unknown vulnerability in "the function used to validate path-names for uploading media" in Serendipity before 0.8 has unknown impact...

CVE-2025-11363 Royal Elementor Addons and Templates < 1.7.1037 - Unauthenticated Media File Upload

The Royal Addons for Elementor WordPress plugin before 1.7.1037 does not have proper authorisation, allowing unauthenticated users to upload media files via the wpraddonsuploadfile action...

PT-2025-51197

The Royal Addons for Elementor WordPress plugin before 1.7.1037 does not have proper authorisation, allowing unauthenticated users to upload media files via the wpr addons upload file action...

PT-2025-50847

The URL Media Uploader plugin for WordPress is vulnerable to unauthorized safe file uploads due to a missing capability check on the url media uploader url upload ajax handler function in all versions up to, and including, 1.0.1. This makes it possible for authenticated attackers, with...

CVE-2025-13381

CVE-2025-13381 (AYS & WordPress) Vulnerability exists in the AI ChatBot with ChatGPT and Content Generator by AYS plugin for WordPress due to a missing capability check in the ays_chatgpt_save_wp_media function through version 2.7.0, enabling unauthenticated users to upload media files. Wordfence...

WordPress AI ChatBot with ChatGPT and Content Generator by AYS plugin <= 2.7.0 - Missing Authorization to Unauthenticated Media File Uploads vulnerability

Missing Authorization to Unauthenticated Media File Uploads vulnerability discovered by blue0x1 in WordPress Plugin AI ChatBot with ChatGPT and Content Generator by AYS versions = 2.7.0...

EUVD-2019-7029

Malware in sbrugna...

EUVD-2022-4289

Malicious code in bioql PyPI...

CVE-2025-52353

An arbitrary code execution vulnerability in Badaso CMS 2.9.11. The Media Manager allows authenticated users to upload files containing embedded PHP code via the file-upload endpoint, bypassing content-type validation. When such a file is accessed via its URL, the server executes the PHP payload,...

Linux Distros Unpatched Vulnerability : CVE-2019-16217

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WordPress before 5.2.3 allows XSS in media uploads because wpajaxuploadattachment is mishandled. CVE-2019-16217 Note that Nessus relies on the presence of the...

CVE-2020-5810

A stored XSS vulnerability exists in Umbraco CMS = 8.9.1 or current. An authenticated user authorized to upload media can upload a malicious .svg file which act as a stored XSS payload...