46 matches found
PT-2025-38898
Name of the Vulnerable Software and Affected Versions Guaven Labs SQL Chart Builder versions through 2.3.7.2 Description A flaw exists in Guaven Labs SQL Chart Builder that allows for DOM-Based Cross-site Scripting XSS. This issue is due to improper neutralization of input during web page...
CVE-2023-47526
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Chart Builder Team Chartify – WordPress Chart Plugin allows Stored XSS.This issue affects Chartify – WordPress Chart Plugin: from n/a through 2.0.6...
CVE-2025-30904
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Chartify chart-builder allows Stored XSS.This issue affects Chartify: from n/a through = 3.1.7...
CVE-2025-25077
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dugbug Easy Chart Builder for WordPress easy-chart-builder allows Stored XSS.This issue affects Easy Chart Builder for WordPress: from n/a through = 1.3...
CVE-2025-25077
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dugbug Easy Chart Builder for WordPress easy-chart-builder allows Stored XSS.This issue affects Easy Chart Builder for WordPress: from n/a through = 1.3...
CVE-2025-25077
CVE-2025-25077 refers to a Stored XSS in Easy Chart Builder for WordPress (plugin)
CVE-2025-25077 WordPress Easy Chart Builder for WordPress plugin <= 1.3 - Stored Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dugbug Easy Chart Builder for WordPress easy-chart-builder allows Stored XSS.This issue affects Easy Chart Builder for WordPress: from n/a through = 1.3...
CVE-2025-25077 WordPress Easy Chart Builder for WordPress plugin <= 1.3 - Stored Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dugbug Easy Chart Builder for WordPress easy-chart-builder allows Stored XSS.This issue affects Easy Chart Builder for WordPress: from n/a through = 1.3...
WordPress plugin Easy Chart Builder for WordPress 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripti...
PT-2025-5916 · WordPress · Easy Chart Builder For Wordpress
Name of the Vulnerable Software and Affected Versions: Easy Chart Builder for WordPress versions 1.3 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attack...
CVE-2024-47347
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Chartify chart-builder allows Reflected XSS.This issue affects Chartify: from n/a through = 2.7.6...
WordPress Easy Chart Builder for WordPress plugin <= 1.3 - Stored Cross Site Scripting (XSS) vulnerability
Stored Cross Site Scripting XSS vulnerability discovered by muhammad yudha in WordPress Plugin Easy Chart Builder for WordPress versions = 1.3...
CVE-2024-11430 SQL Chart Builder <= 2.3.6 - Authenticated (Contributor+) SQL Injection
The SQL Chart Builder plugin for WordPress is vulnerable to SQL Injection via the 'arg1' arg of the 'gvnschart2' shortcode in all versions up to, and including, 2.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This mak...
CVE-2024-11430 SQL Chart Builder <= 2.3.6 - Authenticated (Contributor+) SQL Injection
The SQL Chart Builder plugin for WordPress is vulnerable to SQL Injection via the 'arg1' arg of the 'gvnschart2' shortcode in all versions up to, and including, 2.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This mak...
WordPress SQL Chart Builder plugin <= 2.3.7.1 - Authenticated (Contributor+) SQL Injection vulnerability
Authenticated Contributor+ SQL Injection vulnerability discovered by Peter Thaleikis in WordPress Plugin SQL Chart Builder versions = 2.3.7.1...
WordPress plugin SQL Chart Builder SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...
PT-2024-16986 · WordPress · Sql Chart Builder
Name of the Vulnerable Software and Affected Versions: SQL Chart Builder plugin for WordPress versions up to, and including, 2.3.6 Description: The issue arises from insufficient escaping on the user-supplied arg1 parameter and lack of sufficient preparation on the existing SQL query in the gvn...
CVE-2024-47347
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Chartify chart-builder allows Reflected XSS.This issue affects Chartify: from n/a through = 2.7.6...
GHSA-PW44-4H99-WQFF D-Tale vulnerable to Remote Code Execution through the Query input on Chart Builder
Impact Users hosting D-Tale publicly can be vulnerable to remote code execution allowing attackers to run malicious code on the server. Patches Users should upgrade to version 3.14.1 where the "Custom Filter" input is turned off by default. You can find out more information on how to turn it back...
D-Tale vulnerable to Remote Code Execution through the Query input on Chart Builder
Impact Users hosting D-Tale publicly can be vulnerable to remote code execution allowing attackers to run malicious code on the server. Patches Users should upgrade to version 3.14.1 where the "Custom Filter" input is turned off by default. You can find out more information on how to turn it back...