EUVD-2025-205726

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Shamalli Web Directory Free web-directory-free allows DOM-Based XSS.This issue affects Web Directory Free: from n/a through = 1.7.12...

CVE-2025-69018

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Shamalli Web Directory Free web-directory-free allows DOM-Based XSS.This issue affects Web Directory Free: from n/a through = 1.7.12...

CVE-2025-69018

CVE-2025-69018 affects Web Directory Free (WordPress) up to version 1.7.12. The Wordfence entry shows an authenticated (Contributor+) stored XSS vulnerability enabling DOM-based XSS during web page generation due to improper input neutralization. Patch status: Patched (fixed in a newer release).

CVE-2025-69018 WordPress Web Directory Free plugin <= 1.7.12 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Shamalli Web Directory Free web-directory-free allows DOM-Based XSS.This issue affects Web Directory Free: from n/a through = 1.7.12...

WordPress plugin Web Directory Free 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

PT-2025-53899

Name of the Vulnerable Software and Affected Versions Shamalli Web Directory Free versions through 1.7.12 Description The software contains a flaw related to improper input handling during web page generation, specifically a DOM-Based Cross-site Scripting issue. This allows for the injection of...

WordPress Web Directory Free plugin <= 1.7.12 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Web Directory Free versions = 1.7.12...

EUVD-2023-12869

Malicious code in bioql PyPI...

PT-2025-90: Local Privilege Escalation in SyncBackTouch

The vulnerability was identified in SyncBackTouch, version 1.7.9.0. The discovered vulnerability allows an attacker to escalate privileges from a normal user to root. Vulnerability status: Confirmed by vendor Date of vulnerability remediation: 14.07.2025 Recommendations: Update to version 1.7.12 ...

SUSE-SU-2025:20091-1 Security update for containerd

This update for containerd fixes the following issues: - Update to containerd v1.7.21. Upstream release notes: https://github.com/containerd/containerd/releases/tag/v1.7.21 Fixes CVE-2023-47108. bsc1217070 Fixes CVE-2023-45142. bsc1228553 - Update to containerd v1.7.17. Upstream release notes:...

dagster-dbt (>=0.20.5 <=0.21.6), dbt-postgres (>=1.7.0 <=1.7.12) +8 more potentially affected by unknown CVE via dbt-core (>=1.7.0 <=1.7.12)

dbt-core PYPI version =1.7.0, =0.20.5, =1.7.0, =0.0.2, =1.7.0, =0.0.4, =0.203.0.dev5, =0.0.1rc8, =0.4.2, =0.8.0 Source cves: unknown CVE Source advisory: OSV:GHSA-P72Q-H37J-3HQ7...

WordPress Plugin 360 Javascript Viewer 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...

WordPress Drop Shadow Boxes Plugin < 1.7.12 is vulnerable to Cross Site Scripting (XSS)

Software Drop Shadow Boxes Type Plugin Vulnerable versions 1.7.12 Fixed in 1.7.12 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8cdb65eb9ed4 Credits Rafie Muhammad Patchstack...

CVE-2023-0879

Cross-site Scripting XSS - Stored in GitHub repository btcpayserver/btcpayserver prior to 1.7.12...

CVE-2023-0879 Cross-site Scripting (XSS) - Stored in btcpayserver/btcpayserver

Cross-site Scripting XSS - Stored in GitHub repository btcpayserver/btcpayserver prior to 1.7.12...

CVE-2023-0879 Cross-site Scripting (XSS) - Stored in btcpayserver/btcpayserver

Cross-site Scripting XSS - Stored in GitHub repository btcpayserver/btcpayserver prior to 1.7.12...

BTCPay Server 跨站脚本漏洞

BTCPay Server is a self-hosted open source cryptocurrency payment processor. It is secure, private, uncensored and free. A cross-site scripting vulnerability exists in BTCPay Server versions prior to 1.7.12. An attacker exploited the vulnerability to perform a cross-site scripting attack...

PT-2023-16583 · Unknown · Btcpay Server

Name of the Vulnerable Software and Affected Versions: btcpayserver/btcpayserver versions prior to 1.7.12 Description: The issue is related to Cross-site Scripting XSS - Stored. This means that an attacker can inject malicious scripts into a website, which are then stored on the server and execut...

phpThumb is vulnerable to Server-Side Request Forgery (SSRF)

The default configuration of phpThumb before 1.7.12 has a false value for the disabledebug option, which allows remote attackers to conduct Server-Side Request Forgery SSRF attacks via the src parameter...

Cross-site Scripting in Beanstalk console

Beanstalk console prior to version 1.7.12 is vulnerable to cross-site scripting...