2674 matches found
CVE-2025-46483
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alex Moss Peadig’s Google +1 Button google-1 allows DOM-Based XSS.This issue affects Peadig’s Google +1 Button: from n/a through = 0.1.2...
CVE-2025-1458
The Element Pack Addons for Elementor – Free Templates and Widgets for Your WordPress Websites plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several widgets like Dual Button, Creative Button, Image Stack and more in all versions up to, and including, 5.10.29 due to...
CVE-2025-39420
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ruudkok WP Twitter Button wp-twitter-button allows Stored XSS.This issue affects WP Twitter Button: from n/a through = 1.4.1...
CVE-2025-3866
CVE-2025-3866 affects the WordPress plugin Add Google +1 (Plus One) social share Button, version
Cross-site Scripting (XSS)
Liferay Portal is vulnerable to Stored Cross-site Scripting XSS. The vulnerability is due to improper handling of radio button type custom fields, allowing remote authenticated attackers to inject malicious JavaScript into a page...
CVE-2025-46483
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alex Moss Peadig’s Google +1 Button google-1 allows DOM-Based XSS.This issue affects Peadig’s Google +1 Button: from n/a through = 0.1.2...
CVE-2025-46483 WordPress Peadig’s Google +1 Button <= 0.1.2 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alex Moss Peadig’s Google +1 Button allows DOM-Based XSS. This issue affects Peadig’s Google +1 Button: from n/a through 0.1.2...
CVE-2025-46483
Summary (CVE-2025-46483) A DOM-based XSS in Peadig’s Google +1 Button (WordPress plugin “Peadig’s Google +1 Button”) is caused by improper neutralization of input during web page generation. Affected versions are listed as n/a through 0.1.2. Multiple connected sources corroborate the same vulnera...
CVE-2025-46483 WordPress Peadig’s Google +1 Button plugin <= 0.1.2 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alex Moss Peadig’s Google +1 Button google-1 allows DOM-Based XSS.This issue affects Peadig’s Google +1 Button: from n/a through = 0.1.2...
PT-2025-17796 · Unknown · Peadig'S Google +1 Button
Name of the Vulnerable Software and Affected Versions: Peadig’s Google +1 Button versions 0.1.2 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based XSS. This can be exploited through the Peadig’s Google +1 Button...
PT-2025-17723 · Franka Robotics · Franka Emika Robot
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A remote attacker can cause a denial-of-service DoS attack by connecting via HTTPS and triggering the shutdown button due to missing authorization. Recommendations: At the moment, there is n...
WordPress plugin Peadig’s Google +1 Button 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
Malicious code in @sporta-technology/d11-web-components.toggle-button (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-3367 Malicious code in @sporta-technology/d11-web-components.toggle-button (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in @sporta-technology/d11-web-components.text-button (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-3363 Malicious code in @sporta-technology/d11-web-components.text-button (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in @sporta-technology/d11-web-components.table-cells.tc-icon-button (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in @sporta-technology/d11-web-components.icon-button (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-3333 Malicious code in @sporta-technology/d11-web-components.icon-button (npm)
--- -= Per source details. Do not edit below this line.=-...
CVE-2025-39420
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ruudkok WP Twitter Button wp-twitter-button allows Stored XSS.This issue affects WP Twitter Button: from n/a through = 1.4.1...