OESA-2025-1642 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: A vulnerability, which was classified as problematic, was found in Django up to 4.2.21/5.1.9/5.2.1 Content Management System.CWE is classifying the issue as CWE-117. The product does n...

CVE-2025-48261

CVE-2025-48261 is an information exposure issue in MultiVendorX (WordPress plugin) described as an insertion of sensitive information into sent data, allowing retrieval of embedded sensitive data. Affected releases range up to 4.2.22; multiple sources label the CVE with a CVSS v3.1 base score of ...

Django 安全漏洞

Django is a set of open source web application frameworks based on the Python language from the Django Foundation. The framework includes an object-oriented mapper, view system, template system, and more. A security vulnerability exists in Django versions prior to 5.2.2, prior to 5.1.10, and prio...

CVE-2025-48263

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MultiVendorX MultiVendorX dc-woocommerce-multi-vendor allows Stored XSS.This issue affects MultiVendorX: from n/a through = 4.2.22...

CVE-2025-48263 WordPress MultiVendorX plugin <= 4.2.22 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MultiVendorX MultiVendorX dc-woocommerce-multi-vendor allows Stored XSS.This issue affects MultiVendorX: from n/a through = 4.2.22...

CVE-2025-4101

The MultiVendorX – WooCommerce Multivendor Marketplace Solutions plugin for WordPress is vulnerable to unauthorized loss of data due to a misconfigured capability check on the 'deletefpmproduct' function in all versions up to, and including, 4.2.22. This makes it possible for authenticated...

WordPress plugin MultiVendorX – WooCommerce Multivendor Marketplace Solutions 安全漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability in WordPress plugin MultiVendorX -...

Fastspot BigTree File Upload Vulnerability

Fastspot BigTree is the United States Fastspot company based on PHP and MySQL open source content management system CMS. Fastspot BigTree 4.2.22 and earlier versions of site/index.php/admin/trees/add/ has a security vulnerability , the vulnerability stems from core/inc/bigtree/apis/storage.php fi...

BigTree CMS < 4.2.22 XSS Vulnerability

BigTree CMS is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...