4 matches found
EUVD-2025-4548
Malicious code in bioql PyPI...
CVE-2025-1407 AMO Team Showcase <= 1.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via amoteam_skills Shortcode
The AMO Team Showcase plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's amoteamskills shortcode in all versions up to, and including, 1.1.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-1407 AMO Team Showcase <= 1.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via amoteam_skills Shortcode
The AMO Team Showcase plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's amoteamskills shortcode in all versions up to, and including, 1.1.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
WordPress AMO Team Showcase plugin <= 1.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via amoteam_skills Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via amoteamskills Shortcode vulnerability discovered by Krzysztof Zając in WordPress Plugin AMO Team Showcase versions = 1.1.4...