2 matches found
CVE-2025-64046
OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting (XSS) in the /system/update-run.php endpoint. The Red Hat/EUVD/NVD and related feeds confirm the same description. The root cause is a reflected or stored XSS flaw in that API endpoint, enabling injection of malicious scripts. Impact ...
VulnCheck KEV: CVE-2020-25213
WordPress File Manager plugin contains a remote code execution vulnerability that allows unauthenticated users to execute PHP code and upload malicious files on a target site...