CVE-2025-47475 WordPress JupiterX Core plugin <= 4.8.11 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in artbees JupiterX Core jupiterx-core allows Stored XSS.This issue affects JupiterX Core: from n/a through = 4.8.11...

WordPress plugin Jupiter X Core 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...

Design/Logic Flaw

Zope is an open-source web application server. The title property, available on most Zope objects, can be used to store script code that is executed while viewing the affected object in the Zope Management Interface ZMI. All versions of Zope 4 and Zope 5 are affected. Patches will be released wit...

CVE-2023-44389 Zope management interface vulnerable to stored cross site scripting via the title property

Zope is an open-source web application server. The title property, available on most Zope objects, can be used to store script code that is executed while viewing the affected object in the Zope Management Interface ZMI. All versions of Zope 4 and Zope 5 are affected. Patches will be released wit...

Zope management interface vulnerable to stored cross site scripting via the title property

Impact The title property, available on most Zope objects, can be used to store script code that is executed while viewing the affected object in the Zope Management Interface ZMI because the title property is displayed unquoted in the breadcrumbs element. All versions of Zope 4 and Zope 5 are...

GHSA-M755-GXXG-R5QH Zope management interface vulnerable to stored cross site scripting via the title property

Impact The title property, available on most Zope objects, can be used to store script code that is executed while viewing the affected object in the Zope Management Interface ZMI because the title property is displayed unquoted in the breadcrumbs element. All versions of Zope 4 and Zope 5 are...

SUSE CVE-2019-3880

A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share. Versions...

WSO2 carbon-registry Cross-site Scripting vulnerability

A vulnerability was found in WSO2 carbon-registry up to 4.8.11. It has been rated as problematic. Affected by this issue is some unknown functionality of the file components/registry/org.wso2.carbon.registry.search.ui/src/main/resources/web/search/advancedSearchForm-ajaxprocessor.jsp of the...

GHSA-J34R-57XJ-PFM5 WSO2 carbon-registry Cross-site Scripting vulnerability

A vulnerability was found in WSO2 carbon-registry up to 4.8.11. It has been rated as problematic. Affected by this issue is some unknown functionality of the file components/registry/org.wso2.carbon.registry.search.ui/src/main/resources/web/search/advancedSearchForm-ajaxprocessor.jsp of the...

CVE-2022-4520 WSO2 carbon-registry Advanced Search advancedSearchForm-ajaxprocessor.jsp cross site scripting

A vulnerability was found in WSO2 carbon-registry up to 4.8.11. It has been rated as problematic. Affected by this issue is some unknown functionality of the file components/registry/org.wso2.carbon.registry.search.ui/src/main/resources/web/search/advancedSearchForm-ajaxprocessor.jsp of the...

PT-2022-27428 · Wso2 · Wso2 Carbon-Registry

Name of the Vulnerable Software and Affected Versions: WSO2 carbon-registry versions up to 4.8.11 Description: A vulnerability was found in the Advanced Search component of WSO2 carbon-registry, affecting some unknown functionality of the file...

WordPress 4.8.x < 4.8.11 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A cross-site scripting XSS vulnerability in Customizer. - An unspecified issue which could lead to disclosure of unauthenticated posts. - A cross-site scripting XSS...

DEBIAN-CVE-2019-3880

A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share. Versions...

ALPINE-CVE-2019-3880

A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share. Versions...

PT-2018-13078 · Telegram · Org.Telegram.Messenger

Name of the Vulnerable Software and Affected Versions: org.telegram.messenger application version 4.8.11 Description: The issue allows authentication bypass via runtime manipulation that forces a certain method's return value to true, enabling an attacker to authenticate with an arbitrary passcod...

PT-2018-13079 · Telegram · Org.Telegram.Messenger

Name of the Vulnerable Software and Affected Versions: org.telegram.messenger application version 4.8.11 Description: An issue in the FingerprintManager class for Biometric validation allows authentication bypass through the callback method from onAuthenticationFailed to onAuthenticationSucceeded...

[SECURITY] Fedora 23 Update: kernel-4.8.11-100.fc23

The kernel meta package...

WordPress WP Photo Album Plus Plugin 'Search Photos' XSS Vulnerability

WordPress WP Photo Album Plus Plugin is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE ...