32 matches found
EUVD-2025-5670
Malicious code in bioql PyPI...
EUVD-2025-25354
Malicious code in bioql PyPI...
EUVD-2022-43229
Malicious code in bioql PyPI...
CVE-2025-49436
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CocoBasic Anotte anotte-wp allows PHP Local File Inclusion.This issue affects Anotte: from n/a through = 1.8...
CVE-2025-49436
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CocoBasic Anotte anotte-wp allows PHP Local File Inclusion.This issue affects Anotte: from n/a through = 1.8...
CVE-2025-49436 WordPress Anotte theme <= 1.8 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CocoBasic Anotte anotte-wp allows PHP Local File Inclusion.This issue affects Anotte: from n/a through = 1.8...
CVE-2025-49436 WordPress Custom Menu plugin <= 1.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in thiudis Custom Menu allows Stored XSS. This issue affects Custom Menu: from n/a through 1.8...
CVE-2025-49436
CVE-2025-49436 is associated with a WordPress Custom Menu plugin vulnerability reported in connected documents as a stored cross-site scripting (XSS) issue affecting the Custom Menu plugin up to version 1.8. The technical detail from the connected sources indicates that the flaw originates from i...
WordPress plugin Custom Menu 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
PT-2025-33955 · Unknown · Thiudis Custom Menu
Name of the Vulnerable Software and Affected Versions: thiudis Custom Menu versions through 1.8 Description: Improper neutralization of input during web page generation allows for stored cross-site scripting XSS. Recommendations: Update thiudis Custom Menu to a version later than 1.8...
WordPress Custom Menu plugin <= 1.8 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by muhammad yudha Patchstack Alliance in WordPress Plugin Custom Menu versions = 1.8...
CVE-2025-23881
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in littlejon LJ Custom Menu Links lj-custom-menu-links allows Reflected XSS.This issue affects LJ Custom Menu Links: from n/a through = 2.5...
CVE-2025-23881
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in littlejon LJ Custom Menu Links lj-custom-menu-links allows Reflected XSS.This issue affects LJ Custom Menu Links: from n/a through = 2.5...
CVE-2025-23881 WordPress LJ Custom Menu Links Plugin <= 2.5 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in littlejon LJ Custom Menu Links lj-custom-menu-links allows Reflected XSS.This issue affects LJ Custom Menu Links: from n/a through = 2.5...
CVE-2025-23881
CVE-2025-23881 concerns the WordPress plugin LJ Custom Menu Links (versions
WordPress LJ Custom Menu Links Plugin <= 2.5 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin LJ Custom Menu Links versions = 2.5...
CVE-2022-3893
Cross-site Scripting XSS vulnerability in BlueSpiceCustomMenu extension of BlueSpice allows user with admin permissions to inject arbitrary HTML into the custom menu navigation of the application...
PT-2022-24619 · Bluespice · Bluespice
Name of the Vulnerable Software and Affected Versions: BlueSpice affected versions not specified Description: The issue allows a user with admin permissions to inject arbitrary HTML into the custom menu navigation of the application, which is a result of a Cross-site Scripting XSS vulnerability i...
BlueSpice 跨站脚本漏洞
BlueSpice is free Wiki software from BlueSpice based on the MediaWiki engine. BlueSpice suffers from a cross-site scripting vulnerability that stems from its BlueSpiceCustomMenu extension that allows users with administrative privileges to inject arbitrary HTML into the application's custom menu...
CVE-2021-38321
The Custom Menu Plugin WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the selectedmenu parameter found in the /custom-menus.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.3.3...