CVE-2025-15473 Timetics < 1.0.52 - Unauthenticated Payment/Booking Status Update

The Timetics WordPress plugin before 1.0.52 does not have authorization in a REST endpoint, allowing unauthenticated users to arbitrarily change a booking's payment status and post status for the "timetics-booking" custom post type...

WordPress plugin Timetics 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

Pure-FTPd 安全漏洞

Pure-FTPd is an FTP File Transfer Protocol server from the individual developer Frank Denis. A security vulnerability exists in Pure-FTPd versions prior to 1.0.52, which stems from an out-of-bounds read problem in the domlsd of the ls.c file...

CVE-2024-21901 myQNAPcloud

A SQL injection vulnerability has been reported to affect myQNAPcloud. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network. We have already fixed the vulnerability in the following versions: myQNAPcloud 1.0.52 2023/11/24 and later QTS...