7 matches found
EUVD-2026-9628
Insertion of Sensitive Information Into Sent Data vulnerability in Premio Chaty chaty allows Retrieve Embedded Sensitive Data.This issue affects Chaty: from n/a through = 3.5.1...
PT-2025-46800
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aman Popup addon for Ninja Forms popup-addon-for-ninja-forms allows Stored XSS.This issue affects Popup addon for Ninja Forms: from n/a through = 3.5.1...
CVE-2025-54731
Improper Control of Generation of Code 'Code Injection' vulnerability in emarket-design YouTube Showcase youtube-showcase allows Object Injection.This issue affects YouTube Showcase: from n/a through = 3.5.1...
WordPress YouTube Showcase Plugin <= 3.5.1 - PHP Object Injection Vulnerability
PHP Object Injection Vulnerability discovered by astra.r3verii in WordPress Plugin YouTube Showcase versions = 3.5.1...
PT-2025-4455 · Unknown · Hide Login+
Name of the Vulnerable Software and Affected Versions: Hide Login+ versions 3.5.1 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. Recommendations: For Hide Login+ versions 3.5...
PT-2024-30449 · WordPress · Wp Travel Gutenberg Blocks
Name of the Vulnerable Software and Affected Versions: WP Travel Gutenberg Blocks versions through 3.5.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendations: F...
JeecgBoot SQL注入漏洞
JeecgBoot is a Chinese Java low-code platform for enterprise web applications. A security vulnerability exists in JeecgBoot 3.5.1 and earlier versions, which stems from a SQL injection vulnerability in the component queryTableDictItemsByCode...