CVE-2026-28110

CVE-2026-28110 is a Reflected Cross-Site Scripting vulnerability in LambertGroup AllInOne - Banner with Playlist (plugin: all-in-one-bannerWithPlaylist) affecting versions up to 3.8. The issue is a Cross-site Scripting flaw that can be triggered via input reflected in the web page; CVSS v3.1 base...

CVE-2026-28112 WordPress AllInOne - Banner Rotator plugin <= 3.8 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup AllInOne - Banner Rotator all-in-one-bannerRotator allows Reflected XSS.This issue affects AllInOne - Banner Rotator: from n/a through = 3.8...

CVE-2026-28112

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup AllInOne - Banner Rotator all-in-one-bannerRotator allows Reflected XSS.This issue affects AllInOne - Banner Rotator: from n/a through = 3.8...

WordPress plugin LambertGroup - AllInOne - Banner with Playlist 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

PT-2026-23385

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup AllInOne - Banner Rotator all-in-one-bannerRotator allows Reflected XSS.This issue affects AllInOne - Banner Rotator: from n/a through = 3.8...

WordPress LambertGroup - AllInOne - Banner with Thumbnails plugin <= 3.8 - Reflected Cross Site Scripting (XSS) vulnerability

WordPress LambertGroup - AllInOne - Banner with Thumbnails plugin = 3.8 - Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin LambertGroup - AllInOne - Banner with Thumbnails versions = 3.8...

WordPress AllInOne - Banner Rotator plugin <= 3.8 - Reflected Cross Site Scripting (XSS) vulnerability

WordPress AllInOne - Banner Rotator plugin = 3.8 - Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin AllInOne - Banner Rotator versions = 3.8...

WordPress AllInOne - Banner Rotator Plugin <= 3.8 - SQL Injection Vulnerability

WordPress AllInOne - Banner Rotator Plugin = 3.8 - SQL Injection Vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin AllInOne - Banner Rotator versions = 3.8...

WordPress LambertGroup - AllInOne - Banner with Playlist Plugin <= 3.8 - SQL Injection Vulnerability

WordPress LambertGroup - AllInOne - Banner with Playlist Plugin = 3.8 - SQL Injection Vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin LambertGroup - AllInOne - Banner with Playlist versions = 3.8...

CVE-2025-60110

CVE-2025-60110 — LambertGroup AllInOne - Banner Rotator suffers SQL Injection due to improper neutralization of input. Affected: AllInOne - Banner Rotator

CVE-2025-60107

CVE-2025-60107 affects LambertGroup - AllInOne - Banner with Playlist (WordPress plugin). The vulnerability is an SQL Injection (authenticated) in the Banner with Playlist module, exploitable by an authenticated user with Contributor+ privileges; the issue is currently Unpatched per the LambertGr...