EUVD-2025-36041

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Brecht WP Recipe Maker wp-recipe-maker allows Code Injection.This issue affects WP Recipe Maker: from n/a through = 10.1.1...

CVE-2025-62936

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Jthemes xSmart xsmart allows Code Injection.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-62897

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Brecht WP Recipe Maker wp-recipe-maker allows Code Injection.This issue affects WP Recipe Maker: from n/a through 10.1.0...

CVE-2025-62959 WordPress Paid Videochat Turnkey Site plugin <= 7.3.23 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in videowhisper Paid Videochat Turnkey Site ppv-live-webcams allows Remote Code Inclusion.This issue affects Paid Videochat Turnkey Site: from n/a through = 7.3.23...

CVE-2025-62959 WordPress Paid Videochat Turnkey Site plugin <= 7.3.23 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in videowhisper Paid Videochat Turnkey Site ppv-live-webcams allows Remote Code Inclusion.This issue affects Paid Videochat Turnkey Site: from n/a through = 7.3.23...

CVE-2025-62959

CVE-2025-62959 concerns the Paid Videochat Turnkey Site (ppv-live-webcams) WordPress plugin. The vulnerability stems from improper control of code generation, enabling Remote Code Inclusion/Execution for versions up to 7.3.22 (Authenticated/Admin access). Red Hat and NVD entries corroborate the R...

CVE-2025-62936

CVE-2025-62936 concerns WordPress theme/plugin xSmart (WordPress Theme: xSmart) with versions up to and including 1.2.9.4. The issue is Improper Neutralization of Script-Related HTML Tags in a Web Page, i.e., a Basic XSS vulnerability that can enable Code Injection. The vulnerability affects the ...

CVE-2025-62897 WordPress WP Recipe Maker plugin < 10.1.0 - Content Injection vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Brecht WP Recipe Maker wp-recipe-maker allows Code Injection.This issue affects WP Recipe Maker: from n/a through 10.1.0...

WordPress plugin xSmart 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

Projectworlds Expense Management System 代码注入漏洞

Projectworlds Expense Management System is an open source expense management system from Projectworlds. A code injection vulnerability exists in Projectworlds Expense Management System version 1.0, which stems from an incorrect manipulation of an unknown function in the file...

projectworlds Expense Management System 代码注入漏洞

Projectworlds Expense Management System is an open source expense management system from Projectworlds. A code injection vulnerability exists in version 1.0 of the projectworlds Expense Management System, which stems from an incorrect manipulation of an unknown function in the file...

WordPress plugin WP Recipe Maker 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

PT-2025-43776

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Brecht WP Recipe Maker wp-recipe-maker allows Code Injection.This issue affects WP Recipe Maker: from n/a through = 10.1.1...

Chatwoot 代码注入漏洞

Chatwoot is a Chatwoot open source application. Customer Engagement Suite, an open source alternative to Intercom, Zendesk, Salesforce Service Cloud, and more. A code injection vulnerability exists in Chatwoot 4.7.0 and earlier versions, which stems from a misuse of the parameter Link in the file...

PT-2025-43812

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Jthemes xSmart xsmart allows Code Injection.This issue affects xSmart: from n/a through = 1.2.9.4...

Wisencode Infotech Wisenshop 代码注入漏洞

Wisencode Infotech Wisenshop is an online shopping platform from India Wisencode Infotech. A code injection vulnerability exists in Wisencode Infotech Wisenshop 20251012 and earlier versions, which stems from an incorrect manipulation of the parameter Message in the file /support-ticket/create,...

OpenWGA 代码注入漏洞

OpenWGA is an OpenWGA open source content management system and web application development platform. A code injection vulnerability exists in OpenWGA version 7.11.12 Build 737, which stems from a cross-site scripting vulnerability in the Admin UI component...

Willow CMS 代码注入漏洞

Willow CMS is a content management system by mndeaves individual developers. A code injection vulnerability exists in Willow CMS 1.4.0 and earlier versions, which stems from an incorrect manipulation of the parameters title/body in the file /admin/articles/add, which could lead to a cross-site...

Modern Shop - PHP eCommerce Platform 代码注入漏洞

Modern Shop - PHP eCommerce Platform is an online shopping mall website by ABHIRAM B Individual Developer. A code injection vulnerability exists in Modern Shop - PHP eCommerce Platform version 20250922, which stems from an incorrect manipulation of the parameter q in file/search and could lead to...

Zytec Central Authentication Service 代码注入漏洞

Zytec Central Authentication Service is a centralized authentication service from China's Zhuo Yun Zytec Company. A code injection vulnerability exists in Zytec Central Authentication Service 20251009 and earlier versions, which stems from incorrect manipulation of the parameters get.layer,...