4 matches found
CVE-2025-68856
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in keeswolters Mopinion Feedback Form mopinion-feedback-form allows DOM-Based XSS.This issue affects Mopinion Feedback Form: from n/a through = 1.1.1...
PT-2024-17464 · WordPress · Video & Photo Gallery For Ultimate Member
Name of the Vulnerable Software and Affected Versions: Video & Photo Gallery for Ultimate Member plugin for WordPress versions up to, and including, 1.1.1 Description: The issue is related to Reflected Cross-Site Scripting via the page parameter due to insufficient input sanitization and output...
PT-2024-30816 · Themeum · Themeum Droip
Name of the Vulnerable Software and Affected Versions: Themeum Droip versions 1.1.1 and earlier Description: The issue is related to an Incorrect Authorization vulnerability, allowing users to access functionality not properly constrained by Access Control Lists ACLs. This means that certain...
PT-2023-19527 · WordPress · Blog-In-Blog
Name of the Vulnerable Software and Affected Versions: Blog-in-Blog plugin for WordPress versions up to, and including, 1.1.1 Description: The issue allows editor-level and above attackers to include and execute arbitrary files on the server via a shortcode attribute, potentially bypassing access...