52 matches found
CVE-2025-63072
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in THEMECO Cornerstone cornerstone allows Stored XSS.This issue affects Cornerstone: from n/a through = 7.7.3...
EUVD-2025-201957
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in THEMECO Cornerstone cornerstone allows Stored XSS.This issue affects Cornerstone: from n/a through = 7.7.3...
CVE-2025-63072
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in THEMECO Cornerstone cornerstone allows Stored XSS.This issue affects Cornerstone: from n/a through = 7.7.3...
CVE-2025-63072 WordPress Cornerstone plugin <= 7.7.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in THEMECO Cornerstone cornerstone allows Stored XSS.This issue affects Cornerstone: from n/a through = 7.7.3...
CVE-2025-63072
The CVE describes a stored XSS in the WordPress Cornerstone plugin (THEMECO Cornerstone) affecting versions up to and including 7.7.3. The vulnerability arises from improper input neutralization during web page generation, enabling stored cross-site scripting. Affected component: Cornerstone Word...
CVE-2025-63072 WordPress Cornerstone plugin <= 7.7.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in THEMECO Cornerstone cornerstone allows Stored XSS.This issue affects Cornerstone: from n/a through = 7.7.3...
PT-2025-50072
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in THEMECO Cornerstone cornerstone allows Stored XSS.This issue affects Cornerstone: from n/a through = 7.7.3...
WordPress plugin Cornerstone 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
EUVD-2018-5705
Malware in sbrugna...
EUVD-2010-5246
Malware in sbrugna...
WordPress Cornerstone plugin <= 7.7.3 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Cornerstone versions = 7.7.3...
EUVD-2024-30372
Malicious code in bioql PyPI...
EUVD-2024-25176
Malicious code in bioql PyPI...
MAL-2025-47055 Malicious code in cornerstone_ui_core (npm)
The package cornerstoneuicore was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 76275d4480426c8c60d2ef0233c3df0f042494623872c889c0e28d2212b949fe Any computer that has this package installed or running should be considered fully...
CVE-2024-32570
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Archetyped Cornerstone allows Reflected XSS.This issue affects Cornerstone: from n/a through 0.8.0...
CVE-2024-28002
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Archetyped Cornerstone allows Reflected XSS.This issue affects Cornerstone: from n/a through 0.8.0...
Malicious code in bigcommerce-cornerstone (npm)
This package runs commands in a pre-install script that exfils sensitive data to a attacker-controlled domain. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 83db5e73ba2655c18a873f73b2875933ac9be69ba593d2b7cd4fc00e6af20bce Any computer that has this package install...
MAL-2025-122 Malicious code in bigcommerce-cornerstone (npm)
This package runs commands in a pre-install script that exfils sensitive data to a attacker-controlled domain. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 83db5e73ba2655c18a873f73b2875933ac9be69ba593d2b7cd4fc00e6af20bce Any computer that has this package install...
Cornerstone < 0.8.1 - Reflected Cross-Site Scripting via PHP_SELF
Description The Cornerstone plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 0.8.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages th...
Cornerstone < 0.8.1 - Reflected Cross-Site Scripting
Description The Cornerstone plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 0.8.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages th...