PT-2022-23261 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS versions 5.7.94 through 5.7.97 Description: A remote code execution issue was found in the member toadmin.php file. Recommendations: For versions 5.7.94 through 5.7.97, as a temporary workaround, consider disabling access to the membe...

WordPress Contact Form 7 Integrations Plugin <= 1.3.10 - Multiple XSS

Because of these vulnerabilities in includes/toAdmin.php, the attackers can inject arbitrary web script or HTML via the "uE" or "uC" parameter. Solution Update the plugin...