CVE-2025-54417 Craft contains a theoretical bypass for CVE-2025-23209

Craft is a platform for creating digital experiences. Versions 4.13.8 through 4.16.2 and 5.5.8 through 5.8.3 contain a vulnerability that can bypass CVE-2025-23209: "Craft CMS has a potential RCE with a compromised security key". To exploit this vulnerability, the project must meet these...

WordPress plugin WordPress File Upload Free and Pro 路径遍历漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL server set up a personal blog site . WordPress plugin is an open source WordPress application plugin . A path traversal vulnerability exists in the WordPress Fil...

WordPress plugin 跨站脚本漏洞

WordPress is a blogging platform developed by the Wordpress Foundation using the PHP language. WordPress plugin is a WordPress application plugin. WordPress File Upload plugin versions prior to 4.16.3 have a cross-site scripting vulnerability that stems from the plugin's failure to evade some of...

WordPress Meta Box Plugin Path Traversal Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Meta Box plugin is a custom field plugin used in it. A path traversal vulnerability exists in WordPress Meta Box plugin versions prior ...