WordPress plugin Prime Slider 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...

PT-2025-1734 · WordPress · The Prime Slider – Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Prime Slider – Addons For Elementor plugin for WordPress versions up to, and including, 3.16.5 Description: The issue concerns a Stored Cross-Site Scripting vulnerability. It is caused by insufficient input sanitization and output escaping,...

GHSA-82J3-HF72-7X93

creationtimestamp| type| source ---|---|--- 2025-01-22 17:00:51+00:00| seen| https://github.blog/security/vulnerability-research/attacks-on-maven-proxy-repositories/...

GHSA-FRVJ-CFQ4-3228

creationtimestamp| type| source ---|---|--- 2025-01-22 17:00:51+00:00| seen| https://github.blog/security/vulnerability-research/attacks-on-maven-proxy-repositories/...

CVE-2025-23887

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in scottwallick Blog Summary blog-summary allows Stored XSS.This issue affects Blog Summary: from n/a through = 0.1.2 β...

CVE-2025-23887

CVE-2025-23887 describes a stored cross-site scripting (XSS) vulnerability in the WordPress Blog Summary plugin. According to connected Red Hat/Wordfence data, the issue is caused by improper input neutralization during web page generation, enabling stored XSS. The affected software is the Blog S...

CVE-2025-23887 WordPress Blog Summary plugin <= 0.1.2 β - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in scottwallick Blog Summary blog-summary allows Stored XSS.This issue affects Blog Summary: from n/a through = 0.1.2 β...

CVE-2025-23887 WordPress Blog Summary plugin <= 0.1.2 β - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in scottwallick Blog Summary blog-summary allows Stored XSS.This issue affects Blog Summary: from n/a through = 0.1.2 β...

WordPress Blog Summary plugin <= 0.1.2 β - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin Blog Summary versions = 0.1.2 β...

Live Streaming with Akamai’s Distributed Compute Regions

...

CVE-2025-21256

creationtimestamp| type| source ---|---|--- 2025-01-14 17:29:48+00:00| seen| https://www.thezdi.com/blog/2025/1/14/the-january-2025-security-update-review 2025-01-14 18:19:00+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpug6kqql2p 2025-01-14 21:11:14+00:00| seen|...

CVE-2025-21272

creationtimestamp| type| source ---|---|--- 2025-01-14 17:29:48+00:00| seen| https://www.thezdi.com/blog/2025/1/14/the-january-2025-security-update-review 2025-01-14 18:19:33+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpuh6kqhj2h 2025-01-14 21:56:17+00:00| seen|...

CVE-2025-21284

creationtimestamp| type| source ---|---|--- 2025-01-14 17:29:48+00:00| seen| https://www.thezdi.com/blog/2025/1/14/the-january-2025-security-update-review 2025-01-14 18:20:01+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpuhza6uk2f 2025-01-14 22:41:20+00:00| seen|...

CVE-2025-21326

creationtimestamp| type| source ---|---|--- 2025-01-14 17:29:48+00:00| seen| https://www.thezdi.com/blog/2025/1/14/the-january-2025-security-update-review 2025-01-14 18:21:54+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpulesscj2f 2025-01-15 01:11:32+00:00| seen|...

CVE-2025-21305

creationtimestamp| type| source ---|---|--- 2025-01-14 17:29:48+00:00| seen| https://www.thezdi.com/blog/2025/1/14/the-january-2025-security-update-review 2025-01-14 18:21:01+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpujsiwsz2r 2025-01-14 18:49:03+00:00| seen|...

CVE-2024-53263

creationtimestamp| type| source ---|---|--- 2025-01-14 17:04:36+00:00| seen| https://github.blog/open-source/git/git-security-vulnerabilities-announced-5/ 2025-01-14 20:15:51+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfq2x5e4kp2f 2025-01-14 22:23:01+00:00| seen|...

GHSA-86C2-4X57-WC8G

creationtimestamp| type| source ---|---|--- 2025-01-14 17:04:36+00:00| seen| https://github.blog/open-source/git/git-security-vulnerabilities-announced-5/ 2025-01-14 19:10:45+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/1581...

GHSA-R5PH-XG7Q-XFRP

creationtimestamp| type| source ---|---|--- 2025-01-14 17:04:36+00:00| seen| https://github.blog/open-source/git/git-security-vulnerabilities-announced-5/ 2025-01-14 19:10:45+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/1581...

CVE-2025-0460

A vulnerability, which was classified as critical, was found in Blog Botz for Journal Theme 1.0 on OpenCart. This affects an unknown part of the file /index.php?route=extension/module/blogadd. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the atta...

CVE-2025-0460 Blog Botz for Journal Theme blog_add unrestricted upload

A vulnerability, which was classified as critical, was found in Blog Botz for Journal Theme 1.0 on OpenCart. This affects an unknown part of the file /index.php?route=extension/module/blogadd. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the atta...