Nixpkgs security tracker

Dismissed

Permalink CVE-2025-22654

10.0 CRITICAL

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): CHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

updated 1 year, 1 month ago by @fpletz Activity log

Created automatic suggestion 1 year, 1 month ago
@fpletz dismissed 1 year, 1 month ago

WordPress Simplified Plugin Plugin <= 1.0.6 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in kodeshpa Simplified allows Using Malicious Files. This issue affects Simplified: from n/a through 1.0.6.

References

https://patchstack.com/database/wordpress/plugin/simplified/vulnerability/wordp… vdb-entry

Affected products

simplified

=<1.0.6

Matching in nixpkgs

pkgs.gnomeExtensions.net-speed-simplified

A Net Speed extension With Loads of Customization. Fork of simplenetspeed

nixos-unstable 43
- nixpkgs-unstable 43
- nixos-unstable-small 43

pkgs.haskellPackages.phonetic-languages-simplified-base

A basics of the phonetic-languages functionality that can be groupped

nixos-unstable 0.9.0.0
- nixpkgs-unstable 0.9.0.0
- nixos-unstable-small 0.9.0.0

pkgs.haskellPackages.phonetic-languages-simplified-properties-array-common

Common functionality for 'with-tuples' and old version of properties

nixos-unstable 0.4.1.0
- nixpkgs-unstable 0.4.1.0
- nixos-unstable-small 0.4.1.0

Package maintainers

@honnip Jung seungwoo <me@honnip.page>

Suggestions search