10 matches found
CVE-2023-54251
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: Limit TCATAPRIOATTRSCHEDCYCLETIME to INTMAX. syzkaller found zero division error 0 in divs64rem called from getcycletimeelapsed, where sched-cycletime is the divisor. We have tests in parsetaprioschedule so tha...
EUVD-2025-60961
The Skip to Timestamp plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'skipto' shortcode in all versions up to, and including, 1.4.4. This is due to insufficient input sanitization and output escaping on the 'time' attribute. This makes it possible for authenticated...
CVE-2025-11805 Skip to Timestamp <= 1.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The Skip to Timestamp plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'skipto' shortcode in all versions up to, and including, 1.4.4. This is due to insufficient input sanitization and output escaping on the 'time' attribute. This makes it possible for authenticated...
CVE-2025-11805
The CVE CVE-2025-11805 concerns the WordPress plugin Skip to Timestamp (versions
CVE-2025-11805 Skip to Timestamp <= 1.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The Skip to Timestamp plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'skipto' shortcode in all versions up to, and including, 1.4.4. This is due to insufficient input sanitization and output escaping on the 'time' attribute. This makes it possible for authenticated...
PT-2025-46250
Name of the Vulnerable Software and Affected Versions Skip to Timestamp plugin for WordPress versions prior to 1.4.5 Description The Skip to Timestamp plugin for WordPress is susceptible to Stored Cross-Site Scripting through the skipto shortcode. Insufficient input sanitization and output escapi...
WordPress plugin Skip to Timestamp 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2014-125114
CVE-2014-125114 affects i-Ftp v2.20. The root cause is a stack-based buffer overflow due to improper handling of the Time attribute in Schedule.xml, which can occur when a crafted Schedule.xml is parsed during scheduled downloads. This can lead to arbitrary code execution or a crash, as described...
Pablo Software Solutions i-Ftp 安全漏洞
Pablo Software Solutions i-Ftp is an FTP client software from Pablo Software Solutions. A security vulnerability exists in Pablo Software Solutions i-Ftp version 2.20, which stems from improper handling of the Time attribute in Schedule.xml, and could lead to a stack buffer overflow and arbitrary...
SUSE CVE-2024-57895
In the Linux kernel, the following vulnerability has been resolved: ksmbd: set ATTRCTIME flags when setting mtime David reported that the new warning from setattrcopymgtime is coming like the following. 113.215316 ------------ cut here ------------ 113.215974 WARNING: CPU: 1 PID: 31 at...