The Slideshow Gallery LITE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'alwaysauto' shortcode attribute in all versions up to, and including, 1.8.5. This is due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it p...
Worksnaps before version 1.6.20260201 contains hardcoded cloud credentials and related secret material in the Worksnaps client application binaries. The exposed credentials included AWS access keys, S3 bucket names, and related cloud access information. The originally exposed AWS credentials authent...
ZITADEL: Cross-Tenant User Leakage via Recycled Identifiers
TinaCMS rich-text (slatejson) rendering does not sanitize link/image URLs, allowing stored XSS via dangerous URL schemes
Hydro: Insufficient session expiration when recreating sessions
http-proxy-middleware: multipart/form-data field injection via unescaped CRLF in `fixRequestBody`
http-proxy-middleware `router` host+path substring matching allows Host-header-driven backend routing bypass
NCalc: Denial of Service via Unbounded and Non-Terminating Factorial Evaluation
piscina: Prototype Pollution Gadget โ RCE via inherited options.filename
Docker MCP Gateway: Argument injection via OCI image label YAML
jodit: Prototype pollution in Jodit via Jodit.modules.Helpers.set()
Gotenberg: SSRF via LibreOffice document processing
Strimzi: Unrestricted access to all Secrets within namespace watched by the Topic operator
Strimzi: Cross-namespace privilege escalation via `Kafka.spec.entityOperator`
The MagicForm WordPress plugin through 0.1.3 does not properly validate the type of files uploaded through an unauthenticated AJAX action when a form's per-field extension allowlist is left empty, allowing unauthenticated attackers to upload PHP files and execute arbitrary code on the server.
Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable to stored Cross-Site Scripting in the Personal File Storage (PFS) module. A folder title (pff_title) is imported with the 'TXT' filter, which does not strip or encode HTML (the tag check in cot_import is disabled), so an authenti...
Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable to Cross-Site Request Forgery in the Personal File Storage (PFS) module. In modules/pfs/inc/pfs.editfolder.php, the folder update action ('a=update') updates folder metadata (title, description, public/gallery flags) without call...
Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable to Cross-Site Request Forgery in the Personal File Storage (PFS) module. In modules/pfs/inc/pfs.main.php, the file upload action ('a=upload') processes uploaded files without calling cot_check_xg() to validate the anti-CSRF token...
Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable to Cross-Site Request Forgery in the administration rights handler. In system/admin/admin.rights.php, the rights update action ('a=update') modifies group access rights (including via cot_auth_add_group) without calling cot_check...
Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable to Cross-Site Request Forgery in the administration configuration handler. In system/admin/admin.config.php, the configuration update action ('a=update') processes POST data via cot_config_update_options() without calling cot_che...