EUVD-2023-32144

Malicious code in bioql PyPI...

WordPress plugin Photo Gallery by 10Web 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists i...

CVE-2025-0613 Photo Gallery < 1.8.34 - Unauthenticated Stored XSS

The Photo Gallery by 10Web WordPress plugin before 1.8.34 does not sanitised and escaped comment added on images by unauthenticated users, leading to an Unauthenticated Stored-XSS attack when comments are displayed...

CVE-2025-0613 Photo Gallery < 1.8.34 - Unauthenticated Stored XSS

The Photo Gallery by 10Web WordPress plugin before 1.8.34 does not sanitised and escaped comment added on images by unauthenticated users, leading to an Unauthenticated Stored-XSS attack when comments are displayed...

PT-2023-21737 · Mybb · Mybb

Name of the Vulnerable Software and Affected Versions: MyBB versions prior to 1.8.34 Description: The issue concerns a cross-site scripting XSS flaw in the User CP module, specifically via the user email field. This allows for potential malicious script execution. Recommendations: For versions...

MyBB 跨站脚本漏洞

MyBB MyBulletinBoard is a free and web-based forum software developed by MYBB team using PHP and MySQL. The software is easy to use, supports multiple languages, scalable and other features. A security vulnerability exists in MyBB versions prior to 1.8.34, which stems from a cross-site scripting...

CVE-2023-28467

In MyBB before 1.8.34, there is XSS in the User CP module via the user email field...

CVE-2023-28467

CVE-2023-28467 affects MyBB prior to 1.8.34. The vulnerability is a cross-site scripting (XSS) flaw in the User CP module that can be triggered via the user email field. Public sources consistently describe the issue as an XSS in the User Control Panel before version 1.8.34, with no additional de...