60 matches found
CVE-2025-15458
A vulnerability was determined in bg5sbk MiniCMS up to 1.8. This affects an unknown function of the file /mc-admin/post-edit.php of the component Article Handler. Executing a manipulation can lead to improper authentication. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-15458
A vulnerability was determined in bg5sbk MiniCMS up to 1.8. This affects an unknown function of the file /mc-admin/post-edit.php of the component Article Handler. Executing a manipulation can lead to improper authentication. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-15458 bg5sbk MiniCMS Article post-edit.php improper authentication
A vulnerability was determined in bg5sbk MiniCMS up to 1.8. This affects an unknown function of the file /mc-admin/post-edit.php of the component Article Handler. Executing a manipulation can lead to improper authentication. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-15458 bg5sbk MiniCMS Article post-edit.php improper authentication
A vulnerability was determined in bg5sbk MiniCMS up to 1.8. This affects an unknown function of the file /mc-admin/post-edit.php of the component Article Handler. Executing a manipulation can lead to improper authentication. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-15458
CVE-2025-15458 affects bg5sbk MiniCMS
PT-2026-1212
Name of the Vulnerable Software and Affected Versions bg5sbk MiniCMS versions up to 1.8 Description A flaw exists in bg5sbk MiniCMS that can lead to improper authentication. The issue affects an unknown function within the Article Handler component, specifically in the file /mc-admin/post-edit.ph...
MiniCMS 授权问题漏洞
MiniCMS is a mini content management system designed for personal websites by the individual developer of Dada bg5sbk. An authorization issue vulnerability exists in MiniCMS 1.8 and earlier versions, which stems from an incorrect operation of the file /mc-admin/post-edit.php of the component...
EUVD-2025-206069
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Christopher Churchill allows Reflected XSS.This issue affects custom-post-edit: from n/a through 1.0.4...
CVE-2025-23667
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Christopher Churchill custom-post-edit front-end-post-edit allows Reflected XSS.This issue affects custom-post-edit: from n/a through = 1.0.4...
CVE-2025-23667 WordPress custom-post-edit plugin <= 1.0.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Christopher Churchill allows Reflected XSS.This issue affects custom-post-edit: from n/a through 1.0.4...
CVE-2025-23667
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Christopher Churchill custom-post-edit front-end-post-edit allows Reflected XSS.This issue affects custom-post-edit: from n/a through = 1.0.4...
CVE-2025-23667 WordPress custom-post-edit plugin <= 1.0.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Christopher Churchill custom-post-edit front-end-post-edit allows Reflected XSS.This issue affects custom-post-edit: from n/a through = 1.0.4...
CVE-2025-23667
CVE-2025-23667 concerns WordPress plugin custom-post-edit (
WordPress plugin custom-post-edit 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2025-55073
Mattermost Server contains CVE-2025-55073: versions 10.11.x (<=10.11.3), 10.5.x (<=10.5.11), and 10.12.x (
CVE-2025-55073 MS Teams plugin OAuth allows editing arbitrary posts
Mattermost versions 10.11.x = 10.11.3, 10.5.x = 10.5.11, 10.12.x = 10.12.0 fail to validate the relationship between the post being updated and the MSTeams plugin OAuth flow which allows an attacker to edit arbitrary posts via a crafted MSTeams plugin OAuth redirect URL...
Mattermost 安全漏洞
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost versions 10.11.3 and prior to 10.11.x, 10.5.11 and prior to 10.5.x, and 10.12.0 and prior to 10.12.x. The vulnerability stems from an unvalidated post upda...
CVE-2025-5071
The AI Engine plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'MeowMWAILabsMCP::canaccessmcp' function in versions 2.8.0 to 2.8.3. This makes it possible for authenticated attackers, with subscriber-level access and...
WordPress custom-post-edit plugin <= 1.0.4 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin custom-post-edit versions = 1.0.4...
Online News site 安全漏洞
Online News site is an online news site by the individual developer Mobina Jafarian. A security vulnerability exists in Online News site version v1.0, which stems from vulnerability to cross-site scripting XSS attacks and allows an attacker to execute arbitrary code via the title and summary fiel...