WordPress Post Grid, Slider & Carousel Ultimate - with Shortcode, Gutenberg Block & Elementor Widget plugin <= 1.6.10 - Authenticated (Contributor+) Local File Inclusion via post_type_ajax_handler() vulnerability

WordPress Post Grid, Slider & Carousel Ultimate - with Shortcode, Gutenberg Block & Elementor Widget plugin = 1.6.10 - Authenticated Contributor+ Local File Inclusion via posttypeajaxhandler vulnerability discovered by Hiroho Shimada in WordPress Plugin Post Grid, Slider & Carousel Ultimate...

EUVD-2024-26899

Malicious code in bioql PyPI...

EUVD-2025-30525

Malicious code in bioql PyPI...

EUVD-2025-26957

Malicious code in bioql PyPI...

CVE-2025-58652

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themepoints Carousel Ultimate carousel allows Stored XSS.This issue affects Carousel Ultimate: from n/a through = 1.8...

CVE-2025-58652

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themepoints Carousel Ultimate carousel allows Stored XSS.This issue affects Carousel Ultimate: from n/a through = 1.8...

WordPress Carousel Ultimate Plugin <= 1.8 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Carousel Ultimate versions = 1.8...

CVE-2025-58652 WordPress Carousel Ultimate Plugin <= 1.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themepoints Carousel Ultimate carousel allows Stored XSS.This issue affects Carousel Ultimate: from n/a through = 1.8...

CVE-2025-58652 WordPress Carousel Ultimate Plugin <= 1.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themepoints Carousel Ultimate carousel allows Stored XSS.This issue affects Carousel Ultimate: from n/a through = 1.8...

CVE-2025-58652

CVE-2025-58652 affects Themepoints Carousel Ultimate (Carousel Ultimate) for WordPress. The issue is a Stored XSS caused by improper input neutralization during web page generation, impacting versions up to 1.8 (from n/a through 1.8). CVSS 3.1 base score is 6.5 (AV:N, AC:L, PR:L, UI:R, S:C, C:L, ...

PT-2025-38941

Name of the Vulnerable Software and Affected Versions Themepoints Carousel Ultimate versions through 1.8 Description The software contains a flaw related to improper input handling during web page creation, which allows for Stored Cross-site Scripting XSS. This issue enables malicious code...

WordPress plugin Carousel Ultimate 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2025-58820

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themepoints Carousel Ultimate carousel allows Stored XSS.This issue affects Carousel Ultimate: from n/a through = 1.8...

CVE-2025-58820

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themepoints Carousel Ultimate carousel allows Stored XSS.This issue affects Carousel Ultimate: from n/a through = 1.8...

CVE-2025-58820 WordPress Carousel Ultimate Plugin <= 1.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themepoints Carousel Ultimate carousel allows Stored XSS.This issue affects Carousel Ultimate: from n/a through = 1.8...

CVE-2025-58820 WordPress Carousel Ultimate Plugin <= 1.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themepoints Carousel Ultimate carousel allows Stored XSS.This issue affects Carousel Ultimate: from n/a through = 1.8...

CVE-2025-58820

CVE-2025-58820 affects the WordPress plugin Themepoints Carousel Ultimate (versions up to 1.8). It is a Stored XSS due to improper input neutralization during web page generation. The vulnerability is documented with a Medium severity (CVSS 3.1 base 5.9) and currently listed as Unpatched; no expl...

WordPress Carousel Ultimate Plugin <= 1.8 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin Carousel Ultimate versions = 1.8...

PT-2025-36159

Name of the Vulnerable Software and Affected Versions: Themepoints Carousel Ultimate versions through 1.8 Description: Themepoints Carousel Ultimate is susceptible to a cross-site scripting XSS issue due to improper neutralization of input during web page generation. This allows for stored XSS...

WordPress plugin Carousel Ultimate 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...