CVE-2025-64187

OctoPrint provides a web interface for controlling consumer 3D printers. Versions 1.11.3 and below are affected by a vulnerability that allows injection of arbitrary HTML and JavaScript into Action Command notifications and prompts popups generated by the printer. An attacker who successfully...

CVE-2025-12486 Heimdall Data Database Proxy Cross-Site Scripting Remote Code Execution Vulnerability

Heimdall Data Database Proxy Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Heimdall Data Database Proxy. Minimal user interaction is required to exploit this vulnerability. The specific...

EUVD-2025-38103

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in RealMag777 TableOn posts-table-filterable allows Code Injection.This issue affects TableOn: from n/a through = 1.0.4.2...

CVE-2025-60244

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in RealMag777 TableOn posts-table-filterable allows Code Injection.This issue affects TableOn: from n/a through = 1.0.5.1...

CVE-2025-49398

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Easy Appointments Easy Appointments easy-appointments allows Code Injection.This issue affects Easy Appointments: from n/a through = 3.12.14...

CVE-2025-47588

Improper Control of Generation of Code 'Code Injection' vulnerability in acowebs Dynamic Pricing With Discount Rules for WooCommerce aco-woo-dynamic-pricing allows Code Injection.This issue affects Dynamic Pricing With Discount Rules for WooCommerce: from n/a through = 4.5.9...

CVE-2025-32222

Improper Control of Generation of Code 'Code Injection' vulnerability in Widgetlogic.org Widget Logic widget-logic allows Code Injection.This issue affects Widget Logic: from n/a through = 6.0.5...

CVE-2025-49398 WordPress Easy Appointments plugin <= 3.12.14 - Content Injection vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Easy Appointments Easy Appointments easy-appointments allows Code Injection.This issue affects Easy Appointments: from n/a through = 3.12.14...

CVE-2025-49398 WordPress Easy Appointments plugin <= 3.12.14 - Content Injection vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Easy Appointments Easy Appointments easy-appointments allows Code Injection.This issue affects Easy Appointments: from n/a through = 3.12.14...

CVE-2025-49398

The CVE refers to CVE-2025-49398 targeting the WordPress plugin WordPress Easy Appointments (plugin name: Easy Appointments) with versions &lt;= 3.12.14. The flaw is described as Improper Neutralization of Script-Related HTML Tags in a Web Page, leading to a Basic XSS/Content Injection vulnerabil...

CVE-2025-49372

CVE-2025-49372 is an unauthenticated remote code execution in WordPress HAPPY plugin &lt;= 1.0.7 (VillaTheme HAPPY happy-helpdesk-support-ticket-system) caused by Improper Control of Generation of Code (Code Injection) leading to Remote Code Inclusion. Red Hat and NVD entries corroborate the same...

EUVD-2025-38015

Improper Control of Generation of Code 'Code Injection' vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Remote Code Inclusion.This issue affects HAPPY: from n/a through = 1.0.7...

CVE-2025-49372 WordPress HAPPY plugin <= 1.0.7 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Remote Code Inclusion.This issue affects HAPPY: from n/a through = 1.0.7...

EUVD-2025-38025

Improper Control of Generation of Code 'Code Injection' vulnerability in acowebs Dynamic Pricing With Discount Rules for WooCommerce aco-woo-dynamic-pricing allows Code Injection.This issue affects Dynamic Pricing With Discount Rules for WooCommerce: from n/a through = 4.5.9...

CVE-2025-47588 WordPress Dynamic Pricing With Discount Rules for WooCommerce plugin <= 4.5.9 - Arbitrary Code Execution vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in acowebs Dynamic Pricing With Discount Rules for WooCommerce aco-woo-dynamic-pricing allows Code Injection.This issue affects Dynamic Pricing With Discount Rules for WooCommerce: from n/a through = 4.5.9...

CVE-2025-47588

CVE-2025-47588 affects the WordPress plugin Dynamic Pricing With Discount Rules for WooCommerce (aco-woo-dynamic-pricing) up to version 4.5.9. Description and connected sources indicate an Improper Control of Generation of Code leading to Code Injection and Arbitrary Code Execution. CVSSv3.1 base...

EUVD-2025-38031

Improper Control of Generation of Code 'Code Injection' vulnerability in Widgetlogic.org Widget Logic widget-logic allows Code Injection.This issue affects Widget Logic: from n/a through = 6.0.5...

CVE-2025-32222 WordPress Widget Logic <= 6.0.5 - Remote Code Execution (RCE) Vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Widgetlogic.org Widget Logic widget-logic allows Code Injection.This issue affects Widget Logic: from n/a through = 6.0.5...

CVE-2025-32222 WordPress Widget Logic <= 6.0.5 - Remote Code Execution (RCE) Vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Widgetlogic.org Widget Logic widget-logic allows Code Injection.This issue affects Widget Logic: from n/a through = 6.0.5...

CVE-2025-32222

CVE-2025-32222 affects WordPress Widget Logic plugin, with Code Injection allowing Remote Code Execution in Widget Logic