CVE-2025-59518

In LemonLDAP::NG before 2.16.7 and 2.17 through 2.21 before 2.21.3, OS command injection can occur in the Safe jail. It does not Localize during rule evaluation. Thus, an administrator who can edit a rule evaluated by the Safe jail can execute commands on the server...

WordPress Seraphinite Post .DOCX Source Plugin <= 2.16.6 is vulnerable to Cross Site Request Forgery (CSRF)

Software Seraphinite Post .DOCX Source Type Plugin Vulnerable versions = 2.16.6 Fixed in 2.16.7 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-48279 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 7c64d199da35 Credits...