Description
Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities.
Remediation
References
Related Vulnerabilities
WordPress Plugin LB Mixed Slideshow 'upload.php' Arbitrary File Upload (1.0)
WordPress Plugin WordPress Shortcodes-Shortcodes Ultimate Unspecified Vulnerability (4.10.2)
WordPress Plugin 404 to 301-Redirect, Log and Notify 404 Errors Security Bypass (3.0.1)
WordPress Plugin JobSearch WP Job Board Cross-Site Scripting (1.5.1)