Medium CVE-2026-2500 The Quick Playground plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.3.4. This is due to the `qckply_data()` function passing the user-supplied `filename` POST parameter directly to `file_get_contents()` without any validation,...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

[Medium] CVE-2026-2500 – The Quick Playground plugin for WordPress is vulnerable to Path Traversal in all...

VERWANDTEARTIKEL

CVE-2026-20245

CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog

Claude Opus Found a Four-Year-Old Hole in Zcash’s Privacy Layer. Nobody Knows If Someone Already Used It.

CISA Warns of SolarWinds Serv-U Vulnerability Exploited in Attacks

Critical Hugging Face Transformers Vulnerability Enables Remote Code Execution Attacks

[High] CVE-2026-9851 – The Booking Package plugin for WordPress is vulnerable to Privilege Escalation v...