WordPress plugin Login-box 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forgery...

CVE-2025-22318

Missing Authorization vulnerability in enituretechnology Standard Box Sizes – for WooCommerce standard-box-sizes.This issue affects Standard Box Sizes – for WooCommerce: from n/a through = 1.6.13...

CVE-2025-22706

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in iova.mihai Social Pug: Author Box allows Reflected XSS. This issue affects Social Pug: Author Box: from n/a through 1.0.0...

CVE-2022-4636

Black Box KVM Firmware version 3.4.31307 on models ACR1000A-R-R2, ACR1000A-T-R2, ACR1002A-T, ACR1002A-R, and ACR1020A-T is vulnerable to path traversal, which may allow an attacker to steal user credentials and other sensitive information through local file inclusion...

CVE-2024-34367

Cross-Site Request Forgery CSRF vulnerability in Popup Box Team Popup box allows Cross-Site Scripting XSS.This issue affects Popup box: from n/a through 4.1.2...

CVE-2024-51656

Cross-Site Request Forgery CSRF vulnerability in litefeel Flash Show And Hide Box flash-show-and-hide-box allows Stored XSS.This issue affects Flash Show And Hide Box: from n/a through = 1.6...

CVE-2024-40892

A weak credential vulnerability exists in Firewalla Box Software versions before 1.979. This vulnerability allows a physically close attacker to use the license UUID for authentication and provision SSH credentials over the Bluetooth Low-Energy BTLE interface. Once an attacker gains access to the...

CVE-2025-22675

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins Alert Box Block – Display notice/alerts in the front end alert-box-block allows Stored XSS.This issue affects Alert Box Block – Display notice/alerts in the front end: from n/a through =...

CVE-2025-22675 WordPress Alert Box Block plugin <= 1.1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins Alert Box Block – Display notice/alerts in the front end allows Stored XSS. This issue affects Alert Box Block – Display notice/alerts in the front end: from n/a through 1.1.0...

CVE-2025-22675 WordPress Alert Box Block plugin <= 1.1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins Alert Box Block – Display notice/alerts in the front end alert-box-block allows Stored XSS.This issue affects Alert Box Block – Display notice/alerts in the front end: from n/a through =...

CVE-2025-22675

CVE-2025-22675 corresponds to a stored XSS vulnerability in the WordPress plugin Alert Box Block – Display notice/alerts in the front end, exploitable via improper input neutralization during page generation. Affected versions are &lt;= 1.1.0. The vulnerability is confirmed in multiple sources; P...

Discourse 跨站脚本漏洞

Discourse is an open source community discussion platform from Discourse Open Source. The platform includes community, email, and chat room features. Discourse suffers from a cross-site scripting vulnerability that originates from an attacker being able to execute arbitrary JavaScript code on a...

WordPress plugin Alert Box Block 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress plugin Alert B...

PT-2025-4616 · WordPress · Bplugins Alert Box Block

Name of the Vulnerable Software and Affected Versions: bPlugins Alert Box Block – Display notice/alerts in the front end versions 1.1.0 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows stored Cross-site Scripting XSS. This...

WordPress URL-Preview-Box plugin <= 1.20 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by Abdi Pranata in WordPress Plugin URL-Preview-Box versions = 1.20...

WordPress Login-box plugin <= 2.0.4 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by Abdi Pranata in WordPress Plugin Login-box versions = 2.0.4...

WordPress Simple Select All Text Box plugin <= 3.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by muhammad yudha in WordPress Plugin Simple Select All Text Box versions = 3.2...

WordPress Alert Box Block plugin <= 1.1.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Pham Van Tam Patchstack Alliance in WordPress Plugin Alert Box Block – Display notice/alerts in the front end versions = 1.1.0...

WordPress Authors Autocomplete Meta Box plugin <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Abdi Pranata in WordPress Plugin Authors Autocomplete Meta Box versions = 1.2...

WordPress plugin Tracking Code Manager 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...