WordPress plugin Section Widget 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2025-22109 · Unknown · Section Widget

Name of the Vulnerable Software and Affected Versions: Section Widget versions n/a through 3.3.1 Description: The issue is related to a Path Traversal vulnerability, specifically a '.../...//' vulnerability in the ctltwp Section Widget, which allows Path Traversal. Recommendations: For versions n...

WordPress plugin Download Manager 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability exists in...

WordPress plugin LearnPress 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin HD Quiz 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin MailPoet 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress plugin Calculated Fields Form 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin Save as Image Plugin by Pdfcrowd 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin Smart Post Show 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

WordPress Section Widget plugin <= 3.3.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Nabil Irawan in WordPress Plugin Section Widget versions = 3.3.1...

The vulnerability of the course_can_delete_section() function in the virtual learning environment Moodle, which allows a violator to increase their privileges

The vulnerability of the coursecandeletesection function in the virtual learning environment Moodle is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow a malicious actor to gain increased privileges...

CVE-2024-53568

A stored cross-site scripting XSS vulnerability in the Image Upload section of Volmarg Personal Management System v1.4.65 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the tag parameter...

GHSA-CPM7-MV33-JWF8 Moodle's AJAX section delete does not respect course_can_delete_section()

A flaw was found in Moodle. Additional checks were required to prevent users from deleting course sections they did not have permission to modify...

Moodle's AJAX section delete does not respect course_can_delete_section()

A flaw was found in Moodle. Additional checks were required to prevent users from deleting course sections they did not have permission to modify...

CVE-2025-3644

A flaw was found in Moodle. Additional checks were required to prevent users from deleting course sections they did not have permission to modify...

CVE-2025-3644

A flaw was found in Moodle. Additional checks were required to prevent users from deleting course sections they did not have permission to modify...

PT-2025-17585 · Unknown · Volmarg Personal Management System

Name of the Vulnerable Software and Affected Versions: Volmarg Personal Management System version 1.4.65 Description: A stored cross-site scripting XSS issue exists in the New Goal Creation section, allowing authenticated attackers to execute arbitrary web scripts or HTML by injecting a crafted...

Personal Management System 安全漏洞

Personal Management System is a web application for managing personal data by Dariusz Personal Developer. A security vulnerability exists in Personal Management System v1.4.65, which stems from the injection of a specially crafted payload into the tag parameter in the Image Upload section, which...

GNU elfutils eu-readelf readelf.c print_string_section buffer overflow

...

CVE-2025-1980 Remote Code Execution via Unrestricted File Upload in Ready_

The Ready application's Profile section allows users to upload files of any type and extension without restriction. If the server is misconfigured, as it was by default when installed at the turn of 2021 and 2022, it can result in Remote Code Execution. Refer to the Required Configuration for...