GHSA-QH8M-9QXX-53M5 CakePHP PaginatorHelper::limitControl() vulnerable to reflected cross-site-scripting

Impact The PaginatorHelper::limitControl method has a cross-site-scripting vulnerability via query string parameter manipulation. Patches This issue has been fixed in 5.2.12 and 5.3.1 Workarounds If you are unable to upgrade, you should avoid using Paginator::limitControl until you can upgrade...

CVE-2026-23643 CakePHP PaginatorHelper::limitControl() vulnerable to reflected cross-site-scripting

CakePHP is a rapid development framework for PHP. The PaginatorHelper::limitControl method has a cross-site-scripting vulnerability via query string parameter manipulation. This issue has been fixed in 5.2.12 and 5.3.1...

EUVD-2025-198145

Insertion of Sensitive Information into Log File vulnerability in upKeeper Solutions upKeeper Manager allows Use of Known Domain Credentials.This issue affects upKeeper Manager: from 5.2.0 before 5.2.12...

WordPress Advanced File Manager plugin 5.2.12-5.2.13 - Authenticated (Subscriber+) Arbitrary File Upload vulnerability

Authenticated Subscriber+ Arbitrary File Upload vulnerability discovered by TANG Cheuk Hei siunam in WordPress Plugin Advanced File Manager versions 5.2.12-5.2.13...