EUVD-2025-210354

Unauthenticated Broken Access Control in Donation Thermometer = 2.2.7 versions...

CVE-2025-64636

Unauthenticated Broken Access Control in Donation Thermometer = 2.2.7 versions...

CVE-2025-64636

Affected software : WordPress Donation Thermometer plugin (versions

CVE-2025-64636 WordPress Donation Thermometer plugin <= 2.2.7 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Donation Thermometer = 2.2.7 versions...

WordPress Donation Thermometer plugin <= 2.2.7 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Donation Thermometer versions = 2.2.7...

WordPress Donation Thermometer plugin cross-site scripting vulnerability

The WordPress Donation Thermometer plugin is a plugin for WordPress sites that visualizes the progress of donations by displaying a progress bar usually like a thermometer. The WordPress Donation Thermometer plugin suffers from a cross-site scripting vulnerability that stems from the application'...

CVE-2025-67550

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rhewlif Donation Thermometer donation-thermometer allows Stored XSS.This issue affects Donation Thermometer: from n/a through = 2.2.6...

EUVD-2025-202096

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rhewlif Donation Thermometer donation-thermometer allows Stored XSS.This issue affects Donation Thermometer: from n/a through = 2.2.6...

CVE-2025-67550

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rhewlif Donation Thermometer donation-thermometer allows Stored XSS.This issue affects Donation Thermometer: from n/a through = 2.2.6...

CVE-2025-67550

CVE-2025-67550 is a Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Donation Thermometer (donation-thermometer). The issue allows stored XSS due to improper input neutralization during web page generation, affecting the plugin versions

CVE-2025-67550 WordPress Donation Thermometer plugin <= 2.2.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rhewlif Donation Thermometer donation-thermometer allows Stored XSS.This issue affects Donation Thermometer: from n/a through = 2.2.6...

CVE-2025-67550 WordPress Donation Thermometer plugin <= 2.2.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rhewlif Donation Thermometer donation-thermometer allows Stored XSS.This issue affects Donation Thermometer: from n/a through = 2.2.6...

WordPress plugin Donation Thermometer 跨站脚本漏洞

The WordPress Donation Thermometer plugin is a plugin for WordPress sites that visualizes the progress of donations by displaying a progress bar usually like a thermometer. The WordPress Donation Thermometer plugin suffers from a cross-site scripting vulnerability that stems from the application'...

PT-2025-49924

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rhewlif Donation Thermometer donation-thermometer allows Stored XSS.This issue affects Donation Thermometer: from n/a through = 2.2.6...

WordPress Donation Thermometer plugin <= 2.2.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Donation Thermometer versions = 2.2.6...

EUVD-2022-42555

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-3128

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Donation Thermometer WordPress plugin before 2.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin t...

CVE-2022-3128

The Donation Thermometer WordPress plugin before 2.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2022-3128

The Donation Thermometer WordPress plugin before 2.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2022-3128

The Donation Thermometer WordPress plugin before 2.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...