68 matches found
@bechara/crux (>=6.0.0 <=6.6.2), @cappa/cli (>=0.1.0 <=0.8.2) +10 more potentially affected by CVE-2026-6270 via @fastify/middie (>=9.0.2 <=9.3.1)
@fastify/middie NPM version =9.0.2, =6.0.0, =0.1.0, =0.1.0, =1.0.0, =1.0.11, =0.1.51, =1.0.36, =11.0.0, =1.3.0, =5.0.0, =0.6.1-dev, =1.1.48 Source cves: CVE-2026-6270 Source advisory: SNYK:JS-FASTIFYMIDDIE-16098213...
CVE-2024-34757
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Visualmodo Borderless borderless allows DOM-Based XSS.This issue affects Borderless: from n/a through = 1.7.3...
EUVD-2024-52338
Malicious code in bioql PyPI...
EUVD-2024-34397
Malicious code in bioql PyPI...
EUVD-2025-16552
Malicious code in bioql PyPI...
EUVD-2024-35027
Malicious code in bioql PyPI...
CVE-2025-5290
The Borderless – Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘title’ parameter in all versions up to, and including, 1.7.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...
CVE-2025-5290
CVE-2025-5290 concerns the Borderless – Elementor Addons and Templates WordPress plugin. It is a Stored Cross-Site Scripting vulnerability via the title parameter affecting all versions up to 1.7.1, enabling an authenticated attacker with Contributor+ privileges to inject scripts that execute whe...
CVE-2025-5290 Borderless – Elementor Addons and Templates <= 1.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Borderless – Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘title’ parameter in all versions up to, and including, 1.7.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...
WordPress plugin Borderless – Elementor Addons and Templates 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...
CVE-2024-54211
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Visualmodo Borderless borderless allows Cross-Site Scripting XSS.This issue affects Borderless: from n/a through = 1.5.8...
CVE-2023-38518
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Visualmodo Borderless plugin = 1.4.8 versions...
CVE-2024-10867
The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.2 due to insufficient input sanitization and output escaping. This makes it possible...
CVE-2024-10867
The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.5.9 due to insufficient input sanitization and output escaping. This makes it possible...
CVE-2024-10867 Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg <= 1.6.2 - Authenticated (Author+) Stored Cross-Site Scripting via SVG Upload
The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.2 due to insufficient input sanitization and output escaping. This makes it possible...
CVE-2024-10867 Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg <= 1.6.2 - Authenticated (Author+) Stored Cross-Site Scripting via SVG Upload
The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.2 due to insufficient input sanitization and output escaping. This makes it possible...
WordPress plugin Borderless 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-1612
Name of the Vulnerable Software and Affected Versions The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress versions up to, and including, 1.5.9 Description The issue is related to Stored Cross-Site Scripting via SVG File uploads due to...
WordPress Borderless plugin <= 1.6.2 - Authenticated (Author+) Stored Cross-Site Scripting via SVG Upload vulnerability
Authenticated Author+ Stored Cross-Site Scripting via SVG Upload vulnerability discovered by Francesco Carlucci in WordPress Plugin Borderless versions = 1.6.2...
WordPress Borderless plugin <= 1.5.9 - Missing Authorization to Icon Font Deletion vulnerability
Missing Authorization to Icon Font Deletion vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Borderless versions = 1.5.9...