5 matches found
WordPress plugin Admin and Customer Messages After Order for WooCommerce: OrderConvo code issue vulnerability
WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. WordPress plugin Admin and Customer Messag...
PT-2024-14887 · WordPress · Essential Real Estate
Name of the Vulnerable Software and Affected Versions: The Essential Real Estate WordPress plugin versions prior to 4.4.0 Description: The issue allows users with limited privileges, such as subscribers, to upload malicious PHP files disguised as ZIP archives, potentially leading to remote code...
PT-2022-13550 · Showdoc · Showdoc
Name of the Vulnerable Software and Affected Versions: showdoc versions prior to 2.10.4 Description: The issue concerns an unrestricted upload of files with dangerous types in the GitHub repository star7th/showdoc. This is due to the upload feature allowing files with the extension .html, which c...
PT-2021-15303 · Unknown · Concrete Cms
Name of the Vulnerable Software and Affected Versions: Concrete CMS versions 8.5.6 and below Description: A bypass in the Concrete CMS File Manager leads to remote code execution. The external file upload feature stages files in the public directory even if they have disallowed file extensions,...
PT-2019-15858 · Alfresco · Alfresco Enterprise
Name of the Vulnerable Software and Affected Versions: Alfresco Enterprise versions prior to 5.2.5 Description: The issue allows for stored XSS via an uploaded HTML document. This means an attacker can upload a malicious HTML file to the system, which can then execute scripts on the user's browse...