5 matches found
N2W 安全漏洞
N2W is a data backup and recovery software developed by N2W Corporation. Versions of N2W prior to 4.3.2 and 4.4.1 contained security vulnerabilities. These vulnerabilities were due to deceptive vulnerabilities, which could lead to remote code execution and theft of account credentials...
CVE-2025-13731
The Nexter Extension – Site Enhancements Toolkit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'nxt-year' shortcode in all versions up to, and including, 4.4.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
WordPress CM Tooltip Glossary plugin <= 4.4.1 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis Patchstack Alliance in WordPress Plugin CM Tooltip Glossary versions = 4.4.1...
PT-2024-29584
Name of the Vulnerable Software and Affected Versions fast-xml-parser versions prior to 4.4.1 Description A ReDOS issue exists in the currency.js component of the fast-xml-parser library, specifically affecting the experimental version 5. This issue can cause a denial of service during currency...
FusionPBX Cross-Site Scripting Vulnerability (CNVD-2019-43410)
FusionPBX is an open source enterprise IPPBX interface management system based on FreeSWITHC. A cross-site scripting vulnerability exists in app/voicemailgreetings/voicemailgreetingedit.php in FusionPBX 4.4.1. An attacker can exploit this vulnerability to inject arbitrary web script or HTML via t...