CVE-2025-10000 Qyrr – simply and modern QR-Code creation <= 2.0.7 - Authenticated (Contributor+) Arbitrary File Upload

The Qyrr – simply and modern QR-Code creation plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the blobtofile function in all versions up to, and including, 2.0.7. This makes it possible for authenticated attackers, with Contributor-level access...

PCMan FTP Server 安全漏洞

PCMan FTP Server is a suite of FTP server software from PCMan Open Source. A security vulnerability exists in PCMan FTP Server version 2.0.7, which stems from improper handling of the component NOOP Command Handler, which may result in a buffer overflow...

TRENDnet TEW-411BRP+ 安全漏洞

The TRENDnet TEW-411BRP+ is a smart switch from Trendnet, Inc. A security vulnerability exists in the TRENDnet TEW-411BRP+ version 2.07 that stems from a null pointer dereference issue in the HTTP request processing component...

Adive Framework Cross-Site Scripting Vulnerability (CNVD-2020-17024)

Adive Framework is a PHP-based MySQL database management framework . A cross-site scripting vulnerability exists in Adive Framework 2.0.7 and earlier versions, which stems from the lack of proper validation of client-side data by the WEB application and can be exploited by an attacker to execute...

WordPress WP Maintenance Mode Plugin Arbitrary PHP Code Execution Vulnerability

WordPress is the WordPress Software Foundation of a set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.WP Maintenance Mode Plugin is used in one of the site maintenance page settings plugin. An arbitrary PHP code...