11 matches found
CVE-2026-4032
The CodeColorer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class' parameter in 'cc' comment shortcode in versions up to, and including, 0.10.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2026-4032 CodeColorer <= 0.10.1 - Unauthenticated Stored Cross-Site Scripting via 'class' attribute in 'cc' Comment Shortcode
The CodeColorer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class' parameter in 'cc' comment shortcode in versions up to, and including, 0.10.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2026-4032
The CodeColorer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class' parameter in 'cc' comment shortcode in versions up to, and including, 0.10.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2026-4032 CodeColorer <= 0.10.1 - Unauthenticated Stored Cross-Site Scripting via 'class' attribute in 'cc' Comment Shortcode
The CodeColorer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class' parameter in 'cc' comment shortcode in versions up to, and including, 0.10.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
PT-2026-33253
The CodeColorer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class' parameter in 'cc' comment shortcode in versions up to, and including, 0.10.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2025-15386
The Responsive Lightbox & Gallery WordPress plugin before 2.6.1 is vulnerable to an Unauthenticated Stored-XSS attack due to flawed regex replacement rules that can be abused by posting a comment with a malicious link when lightbox for comments are enabled and then approved...
EUVD-2007-6378
Malware in sbrugna...
EUVD-2013-4940
Malware in sbrugna...
WordPress 跨站脚本漏洞
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A security vulnerability exists in the WP Customer Reviews WordPress plugin before 3.5.6, which can ...
Lore 1.5.6 SQL Injection
Lore 1.5.6 Bug : article.php?id=Blind ,Comentarios Habilitados "Add Comment" Dork : intext:"Powered by Lore 1.5.6" Coded By OzXNuKE/US HTTP://FORO.UNDERSECURITY.NET HTTP://FORO.EL-HACKER.COM Gracias C1c4tr1z,Tecn0x,Lix,1995,N0b0dy,NanonRoses,Codebreak?,Nork,AzraelNuKE && Todos los Miembros de...
Lore 1.5.6 - article.php Blind SQL Injection
Lore 1.5.6 - article.php Blind SQL Injection Lore 1.5.6 Bug : article.php?id=Blind ,Comentarios Habilitados "Add Comment" Dork : intext:"Powered by Lore 1.5.6" Coded By OzXNuKE/US HTTP://FORO.UNDERSECURITY.NET HTTP://FORO.EL-HACKER.COM Gracias...