WordPress Post Grid, Slider & Carousel Ultimate - with Shortcode, Gutenberg Block & Elementor Widget plugin <= 1.6.10 - Authenticated (Contributor+) Local File Inclusion via post_type_ajax_handler() vulnerability

WordPress Post Grid, Slider & Carousel Ultimate - with Shortcode, Gutenberg Block & Elementor Widget plugin = 1.6.10 - Authenticated Contributor+ Local File Inclusion via posttypeajaxhandler vulnerability discovered by Hiroho Shimada in WordPress Plugin Post Grid, Slider & Carousel Ultimate...

EUVD-2025-30525

Malicious code in bioql PyPI...

EUVD-2025-26957

Malicious code in bioql PyPI...

EUVD-2024-26899

Malicious code in bioql PyPI...

CVE-2025-58652

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themepoints Carousel Ultimate carousel allows Stored XSS.This issue affects Carousel Ultimate: from n/a through = 1.8...

CVE-2025-58652

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themepoints Carousel Ultimate carousel allows Stored XSS.This issue affects Carousel Ultimate: from n/a through = 1.8...

WordPress Carousel Ultimate Plugin <= 1.8 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Carousel Ultimate versions = 1.8...

CVE-2025-58652 WordPress Carousel Ultimate Plugin <= 1.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themepoints Carousel Ultimate carousel allows Stored XSS.This issue affects Carousel Ultimate: from n/a through = 1.8...

CVE-2025-58652

CVE-2025-58652 affects Themepoints Carousel Ultimate (Carousel Ultimate) for WordPress. The issue is a Stored XSS caused by improper input neutralization during web page generation, impacting versions up to 1.8 (from n/a through 1.8). CVSS 3.1 base score is 6.5 (AV:N, AC:L, PR:L, UI:R, S:C, C:L, ...

CVE-2025-58652 WordPress Carousel Ultimate Plugin <= 1.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themepoints Carousel Ultimate carousel allows Stored XSS.This issue affects Carousel Ultimate: from n/a through = 1.8...

WordPress plugin Carousel Ultimate 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-38941

Name of the Vulnerable Software and Affected Versions Themepoints Carousel Ultimate versions through 1.8 Description The software contains a flaw related to improper input handling during web page creation, which allows for Stored Cross-site Scripting XSS. This issue enables malicious code...

CVE-2025-58820

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themepoints Carousel Ultimate carousel allows Stored XSS.This issue affects Carousel Ultimate: from n/a through = 1.8...

CVE-2025-58820

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themepoints Carousel Ultimate carousel allows Stored XSS.This issue affects Carousel Ultimate: from n/a through = 1.8...

CVE-2025-58820 WordPress Carousel Ultimate Plugin <= 1.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themepoints Carousel Ultimate carousel allows Stored XSS.This issue affects Carousel Ultimate: from n/a through = 1.8...

CVE-2025-58820 WordPress Carousel Ultimate Plugin <= 1.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themepoints Carousel Ultimate carousel allows Stored XSS.This issue affects Carousel Ultimate: from n/a through = 1.8...

CVE-2025-58820

CVE-2025-58820 affects the WordPress plugin Themepoints Carousel Ultimate (versions up to 1.8). It is a Stored XSS due to improper input neutralization during web page generation. The vulnerability is documented with a Medium severity (CVSS 3.1 base 5.9) and currently listed as Unpatched; no expl...

WordPress Carousel Ultimate Plugin <= 1.8 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin Carousel Ultimate versions = 1.8...

WordPress plugin Carousel Ultimate 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-36159

Name of the Vulnerable Software and Affected Versions: Themepoints Carousel Ultimate versions through 1.8 Description: Themepoints Carousel Ultimate is susceptible to a cross-site scripting XSS issue due to improper neutralization of input during web page generation. This allows for stored XSS...