2 matches found
WordPress iFrame Block plugin <= 0.1.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by 63n0 Patchstack Bug Bounty Program in WordPress Plugin iFrame Block versions = 0.1.1...
CVE-2025-55149 Path Traversal Vulnerability in PDF Review Function (CWE-22)
Tiny-Scientist is a lightweight framework for automating the entire lifecycle of scientific research—from ideation to implementation, writing, and review. In versions 0.1.1 and below, a critical path traversal vulnerability has been identified in the reviewpaper function in backend/app.py. The...