Unrestricted Upload of File with Dangerous Type in GitHub repository publify/publify prior to 9.2.9.
Unrestricted Upload of File with Dangerous Type in GitHub repository star7th/showdoc prior to 2.10.4.
Stored XSS viva .svg file upload in GitHub repository polonel/trudesk prior to v1.2.0.
The Admin and Customer Messages After Order for WooCommerce: OrderConvo plugin for WordPress is vulnerable to limited file uploads due to insufficient file type validation in the upload_file() function in all versions up to, and including, 13.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload files on the affected site's server which may make remote code execution possible and is confirmed to make Cross-Site Scripting possible.
Unrestricted upload of a file with dangerous type in Kibana can lead to arbitrary JavaScript execution in a victim’s browser (XSS) via crafted HTML and JavaScript files. The attacker must have access to the Synthetics app AND/OR have access to write to the synthetics indices.
The DirectoryPress – Business Directory And Classified Ad Listing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 3.6.16 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file. When DirectoryPress Frontend is installed, this can be exploited by unauthenticated users.
Stored XSS viva axd and cshtml file upload in star7th/showdoc in GitHub repository star7th/showdoc prior to v2.10.4.
Unrestricted Upload of File with Dangerous Type in Packagist jsdecena/laracom prior to v2.0.9.
Stored XSS viva .webma file upload in GitHub repository star7th/showdoc prior to 2.10.4.