CVE-2024-13868

The URL Shortener | Conversion Tracking | AB Testing | WooCommerce WordPress plugin through 9.0.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2025-23789

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tahminajannat URL Shortener | Conversion Tracking | AB Testing | WooCommerce easy-broken-link-checker allows Reflected XSS.This issue affects URL Shortener | Conversion Tracking | AB Testing |...

CVE-2025-23789

CVE-2025-23789 – Reflected XSS in tahminajannat URL Shortener Root cause: Improper neutralization of input during web page generation in the WordPress URL Shortener (WooCommerce integration). This allows Reflected XSS, affecting WordPress plugins/ WooCommerce incorporation up to version 9.0.2 (pe...

WordPress plugin URL Shortener | Conversion Tracking  | AB Testing  | WooCommerce 跨站脚本漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exist...

coderedcms (>=0.21.0 <=0.22.3), coop (>=2.13.0 <=2.15.0) +15 more potentially affected by CVE-2022-21683 via wagtail (>=2.13.5 <=2.15.0)

wagtail PYPI version =2.13.5, =0.21.0, =2.13.0, =1.0.6, =0.2.2, =0.0.3, =0.1.0, =0.1.5, =1.0.0rc2, =0.9.3, =0.1.1, =1.0.1, =0.13.1, =0.13.2 and more Source cves: CVE-2022-21683 Source advisory: OSV:PYSEC-2022-13...

CVE-2016-10977

The nelio-ab-testing plugin before 4.5.0 for WordPress has filename=..%2f directory traversal...

CVE-2016-10977

The nelio-ab-testing plugin before 4.5.0 for WordPress has filename=..%2f directory traversal...

CVE-2016-10977

The CVE-2016-10977 entry concerns the Nelio AB Testing WordPress plugin. Affected software: Nelio AB Testing plugin for WordPress. Vulnerable component/issue: filename=..%2f directory traversal in versions before 4.5.0. Root cause: directory traversal flaw allows referencing files outside the int...

CVE-2016-10977

The nelio-ab-testing plugin before 4.5.0 for WordPress has filename=..%2f directory traversal...

WordPress nelio-ab-testing plugin code issue vulnerability (CNVD-2019-30750)

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. nelio-ab-testing is a plugin for A/B testing of websites. The WordPress nelio-ab-testing plugin has a code issue vulnerability and no...

WordPress nelio-ab-testing plugin code issue vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. nelio-ab-testing is a plugin for A/B testing of websites. The WordPress nelio-ab-testing plugin has a code issue vulnerability and no...

CVE-2016-10927

The nelio-ab-testing plugin before 4.5.11 for WordPress has SSRF in ajax/iesupport.php...

CVE-2016-10926

The nelio-ab-testing plugin before 4.5.9 for WordPress has SSRF in ajax/iesupport.php...

CVE-2016-10927

The nelio-ab-testing plugin before 4.5.11 for WordPress has SSRF in ajax/iesupport.php...

Server side request forgery (ssrf)

The nelio-ab-testing plugin before 4.5.11 for WordPress has SSRF in ajax/iesupport.php...

Server side request forgery (ssrf)

The nelio-ab-testing plugin before 4.5.9 for WordPress has SSRF in ajax/iesupport.php...

CVE-2016-10927

CVE-2016-10927 affects the WordPress plugin nelio-ab-testing (pre-4.5.11). The vulnerability is an SSRF in ajax/iesupport.php, with CVSSv3 base score 10.0 (CRITICAL) and CVSSv2 base score 6.4 (MEDIUM). Impact indicators shown: high confidentiality and integrity impact, no availability impact; exp...

CVE-2016-10926

The nelio-ab-testing plugin before 4.5.9 for WordPress has SSRF in ajax/iesupport.php...

CVE-2016-10926

The CVE concerns the Nelio AB Testing WordPress plugin prior to version 4.5.9, which contains a Server-Side Request Forgery (SSRF) vulnerability in ajax/iesupport.php. Publicly documented impact indicates high risk to confidentiality and integrity (CVSS3 base score 10.0; vector: NETWORK, no privi...

WordPress nelio-ab-testing plugin cross-site request forgery vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. nelio-ab-testing is a plugin for A/B testing of websites. A cross-site request forgery vulnerability exists in the WordPress...