138 matches found
CVE-2023-23790
Cross-Site Request Forgery CSRF vulnerability in Pods Framework Team Pods – Custom Content Types and Fields plugin = 2.9.10.2 versions...
CVE-2023-47024
Cross-Site Request Forgery CSRF in NCR Terminal Handler v.1.5.1 leads to a one-click account takeover. This is achieved by exploiting multiple vulnerabilities, including an undisclosed function in the WSDL that has weak security controls and can accept custom content types...
CVE-2021-24824
The field shortcode included with the Custom Content Shortcode WordPress plugin before 4.0.1, allows authenticated users with a role as low as contributor, to access arbitrary post metadata. This could lead to sensitive data disclosure, for example when used in combination with WooCommerce, the...
CVE-2015-10075
A vulnerability was found in Custom-Content-Width 1.0. It has been declared as problematic. Affected by this vulnerability is the function overridecontentwidth/registersettings of the file custom-content-width.php. The manipulation leads to cross site scripting. The attack can be launched remotel...
CVE-2025-31574
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SoftHopper Custom Content Scrollbar custom-content-scrollbar allows Stored XSS.This issue affects Custom Content Scrollbar: from n/a through = 1.3...
WordPress Custom Content Scrollbar plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin Custom Content Scrollbar versions = 1.3...
CVE-2025-31574
CVE-2025-31574 describes a stored cross-site scripting vulnerability in the WordPress plugin Custom Content Scrollbar . The issue arises from improper neutralization of input during web page generation, allowing stored payloads to execute when rendered in the browser. Affected versions are listed...
CVE-2025-31574 WordPress Custom Content Scrollbar plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SoftHopper Custom Content Scrollbar custom-content-scrollbar allows Stored XSS.This issue affects Custom Content Scrollbar: from n/a through = 1.3...
WordPress plugin Custom Content Scrollbar 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
CVE-2025-23652
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fabio Zuanon Add custom content after post add-custom-content-after-post allows Reflected XSS.This issue affects Add custom content after post: from n/a through = 1.0...
CVE-2025-23463
Cross-Site Request Forgery CSRF vulnerability in Mukesh Dak MD Custom content after or before of post md-custom-content allows Stored XSS.This issue affects MD Custom content after or before of post: from n/a through = 1.0...
CVE-2025-23869
Cross-Site Request Forgery CSRF vulnerability in shibulijack CJ Custom Content cj-custom-content allows Stored XSS.This issue affects CJ Custom Content: from n/a through = 2.0...
CVE-2025-23463
Cross-Site Request Forgery CSRF vulnerability in Mukesh Dak MD Custom content after or before of post md-custom-content allows Stored XSS.This issue affects MD Custom content after or before of post: from n/a through = 1.0...
CVE-2025-23869 WordPress CJ Custom Content plugin <= 2.0 - CSRF to Cross-Site Scripting vulnerability
Cross-Site Request Forgery CSRF vulnerability in shibulijack CJ Custom Content cj-custom-content allows Stored XSS.This issue affects CJ Custom Content: from n/a through = 2.0...
CVE-2025-23869 WordPress CJ Custom Content plugin <= 2.0 - CSRF to Cross-Site Scripting vulnerability
Cross-Site Request Forgery CSRF vulnerability in shibulijack CJ Custom Content cj-custom-content allows Stored XSS.This issue affects CJ Custom Content: from n/a through = 2.0...
CVE-2025-23463
CVE-2025-23463 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin MD Custom content after or before of post that allows stored XSS. Public details in the CVE entry state the issue affects MD Custom content after or before post: from n/a through 1.0. The connected ...
CVE-2025-23463 WordPress MD Custom content after or before of post plugin <= 1.0 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in Mukesh Dak MD Custom content after or before of post md-custom-content allows Stored XSS.This issue affects MD Custom content after or before of post: from n/a through = 1.0...
WordPress CJ Custom Content plugin <= 2.0 - CSRF to Cross-Site Scripting vulnerability
CSRF to Cross-Site Scripting vulnerability discovered by SOPROBRO in WordPress Plugin CJ Custom Content versions = 2.0...
WordPress Add custom content after post plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin Add custom content after post versions = 1.0...
WordPress plugin CJ Custom Content 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...