9 matches found
CVE-2025-68080
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Saad Iqbal User Avatar - Reloaded user-avatar-reloaded allows Stored XSS.This issue affects User Avatar - Reloaded: from n/a through = 1.2.2...
EUVD-2025-203538
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Saad Iqbal User Avatar - Reloaded user-avatar-reloaded allows Stored XSS.This issue affects User Avatar - Reloaded: from n/a through = 1.2.2...
CVE-2025-68080
CVE-2025-68080 concerns the WordPress plugin User Avatar - Reloaded (versions up to and including 1.2.2). The issue is a Stored XSS vulnerability caused by improper neutralization of input during web page generation, enabling attacker-supplied content to be stored and executed in a user’s browser...
CVE-2025-68080 WordPress User Avatar - Reloaded plugin <= 1.2.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Saad Iqbal User Avatar - Reloaded user-avatar-reloaded allows Stored XSS.This issue affects User Avatar - Reloaded: from n/a through = 1.2.2...
CVE-2025-68080 WordPress User Avatar - Reloaded plugin <= 1.2.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Saad Iqbal User Avatar - Reloaded user-avatar-reloaded allows Stored XSS.This issue affects User Avatar - Reloaded: from n/a through = 1.2.2...
PT-2025-51460
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Saad Iqbal User Avatar - Reloaded user-avatar-reloaded allows Stored XSS.This issue affects User Avatar - Reloaded: from n/a through = 1.2.2...
WordPress plugin User Avatar - Reloaded 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
WordPress User Avatar - Reloaded plugin <= 1.2.2 - Cross Site Scripting (XSS) vulnerability
WordPress User Avatar - Reloaded plugin = 1.2.2 - Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin User Avatar - Reloaded versions = 1.2.2...
WordPress User Avatar - Reloaded Plugin < 1.2.2 is vulnerable to Cross Site Scripting (XSS)
Software User Avatar - Reloaded Type Plugin Vulnerable versions 1.2.2 Fixed in 1.2.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4798 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a4fd94410ec4 Credits Dmitrii Ignatyev...