CVE-2026-39859 | harttle liquidjs 10.25.0/10.25.1 renderFile/parseFile path traversal

Inserito da Angelo Barbosa | Apr 8, 2026 | CVE

A vulnerability categorized as critical has been discovered in harttle liquidjs 10.25.0/10.25.1. This impacts the function renderFile/parseFile. Executing a manipulation can lead to path traversal.

This vulnerability is handled as CVE-2026-39859. The attack can be executed remotely. There is not any exploit available.

It is advisable to upgrade the affected component.

CVE-2026-39859 | harttle liquidjs 10.25.0/10.25.1 renderFile/parseFile path traversal

Post correlati

CVE-2023-6369 | Export WP Page to Static HTML-CSS Plugin up to 2.1.9 on WordPress authorization

CVE-2024-1834 | SourceCodester Simple Student Attendance System 1.0 ?page=attendance&class_id=1 class_date cross site scripting

CVE-2025-10246 | lokibhardwaj PHP-Code-For-Unlimited-File-Upload up to 124fe96324915490c81eaf7db3234b0b4e4bab3c /f.php h cross site scripting

CVE-2025-12481 | WP Duplicate Page Plugin up to 1.7 on WordPress saveSettings authorization