EUVD-2026-14361

The trxaddons WordPress plugin before 2.38.5 does not correctly validate file types in one of its AJAX action, allowing unauthenticated users to upload arbitrary file. This is due to an incorrect fix of CVE-2024-13448...

PT-2026-27060

Name of the Vulnerable Software and Affected Versions trx addons WordPress plugin versions prior to 2.38.5 Description The software does not properly validate file types during an AJAX action, potentially allowing unauthenticated users to upload arbitrary files. This is related to a previous fix...

webkit2gtk3 security update

2.38.5-1.5 - Disable JIT CVE-2023-32435, CVE-2023-32439...

Amazon Linux 2 : webkitgtk4 (ALAS-2023-2141)

The version of webkitgtk4 installed on the remote host is prior to 2.38.5-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2141 advisory. Processing web content may lead to arbitrary code execution NOTE:...

webkit2gtk3 security update

2.38.5-1.3 - Restore libwpe and wpebackend-fdo dependencies Related: 2185741 sort of 2.38.5-1.2 - Disable libwpe and wpebackend-fdo dependencies Related: 2185741 sort of 2.38.5-1.1 - Add patch for CVE-2023-28205 Resolves: 2185741 2.38.5-1 - Update to 2.38.5 Related: 2127468 2.38.4-1 - Update to...

webkit2gtk3 security and bug fix update

2.38.5-1 - Update to 2.38.5 Related: 2127468 2.38.4-1 - Update to 2.38.4 Related: 2127468 2.38.3-1 - Update to 2.38.3 Related: 2127468 2.38.2-1 - Update to 2.38.2 Related: 2127468 2.38.1-2 - Fix crashes on aarch64 Enable WPE renderer Related: 2127468 2.38.1-1 - Update to 2.38.1 Related: 2127468...

webkit2gtk3 security and bug fix update

2.38.5-1 - Update to 2.38.5 Related: 2127467 2.38.4-1 - Update to 2.38.4 Related: 2127467 2.38.3-1 - Update to 2.38.3 Related: 2127467 2.38.2-1 - Update to 2.38.2 Related: 2127467 2.38.1-2 - Fix use with aarch64 64 KiB page size Related: 2127467 2.38.1-1 - Update to 2.38.1 Resolves: 2127467...