2 matches found
Command Injection
Overview Affected versions of this package are vulnerable to Command Injection due to the improper handling of environment variables during the decryption process. An attacker with control over .ejson files can execute arbitrary commands on the host system by injecting malicious keys or encrypted...
PT-2023-9859 · WordPress · Subscribe To Comments Plugin
Name of the Vulnerable Software and Affected Versions: Subscribe to Comments Plugin versions up to 2.0.7 Description: A problematic vulnerability was found in the Subscribe to Comments Plugin, affecting an unknown part of the file subscribe-to-comments.php. The manipulation leads to cross site...