3 matches found
WordPress plugin Smart Custom Fields 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
CVE-2026-32757 Admidio: HTMLPurifier Bypass in eCard Message Allows HTML Email Injection
Admidio is an open-source user management solution. In versions 5.0.6 and below, the eCard send handler uses a raw $POST'ecardmessage' value instead of the HTMLPurifier-sanitized $formValues'ecardmessage' when constructing the greeting card HTML. This allows an authenticated attacker to inject...
Redmine Security Vulnerabilities
Redmine is a set of open source Web-based project management and defect tracking tools . The product provides features such as project management, issue tracking and role-based access control. A security vulnerability exists in Redmine versions prior to 4.2.11 and 5.0.x prior to 5.0.6, which stem...