CVE-2026-25964 | Tandoor Recipes up to 2.5.0 file_path path traversal (GHSA-6485-jr28-52xx)

Inserito da Angelo Barbosa | Feb 13, 2026 | CVE

A vulnerability marked as critical has been reported in Tandoor Recipes up to 2.5.0. This impacts an unknown function. This manipulation of the argument file_path causes path traversal.

This vulnerability is tracked as CVE-2026-25964. The attack is possible to be carried out remotely. No exploit exists.

It is suggested to upgrade the affected component.

CVE-2026-25964 | Tandoor Recipes up to 2.5.0 file_path path traversal (GHSA-6485-jr28-52xx)

Post correlati

CVE-2025-1689 | ThemeMakers PayPal Express Checkout Plugin up to 1.1.9 on WordPress Shortcode paypal cross site scripting

CVE-2024-21885 | X.org X11 Server XISendDeviceHierarchyEvent heap-based overflow

CVE-2024-35351 | Diño Physics School Assistant 2.3 SystemSettings.php name cross site scripting

CVE-2023-46219 | cURL up to 8.4.0 HSTS File Name lib/fopen.c missing encryption