362 matches found
CVE-2024-3520
The Country State City Dropdown CF7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tccscapatchsettings function in all versions up to, and including, 2.7.1. This makes it possible for authenticated attackers, with subscriber access...
CVE-2023-5110
The BSK PDF Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'bsk-pdfm-category-dropdown' shortcode in versions up to, and including, 3.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2021-25113
The Dropdown Menu Widget WordPress plugin through 1.9.7 does not have authorisation and CSRF checks when saving its settings, allowing low privilege users such as subscriber to update them. Due to the lack of sanitisation and escaping, it could also lead to Stored Cross-Site Scripting issues...
CVE-2013-2704
Cross-site request forgery CSRF vulnerability in the Dropdown Menu Widget plugin 1.9.1 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that insert cross-site scripting XSS sequences...
CVE-2019-10085
In Apache Allura prior to 1.11.0, a vulnerability exists for stored XSS on the user dropdown selector when creating or editing tickets. The XSS executes when a user engages with that dropdown on that page...
CVE-2025-47451
Cross-Site Request Forgery CSRF vulnerability in silverplugins217 Product Quantity Dropdown For Woocommerce product-quantity-dropdown-for-woocommerce allows Cross Site Request Forgery.This issue affects Product Quantity Dropdown For Woocommerce: from n/a through = 1.2...
CVE-2025-47451
Cross-Site Request Forgery CSRF vulnerability in silverplugins217 Product Quantity Dropdown For Woocommerce product-quantity-dropdown-for-woocommerce allows Cross Site Request Forgery.This issue affects Product Quantity Dropdown For Woocommerce: from n/a through = 1.2...
PT-2025-20087 · WordPress · Product Quantity Dropdown For Woocommerce
Name of the Vulnerable Software and Affected Versions: Product Quantity Dropdown For Woocommerce versions 1.2 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows Cross Site Request Forgery. Recommendations: For versions 1.2 and earlier, update to a...
WordPress plugin Product Quantity Dropdown For Woocommerce 跨站请求伪造漏洞
WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site request forgery vulnerability exists in WordPress plugin Product Quanti...
CVE-2025-46478
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in metaloha Dropdown Content dropdown-content allows Stored XSS.This issue affects Dropdown Content: from n/a through = 1.0.2...
WordPress Dropdown Content plugin <= 1.0.2 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Dropdown Content versions = 1.0.2...
CVE-2025-46478
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in metaloha Dropdown Content dropdown-content allows Stored XSS.This issue affects Dropdown Content: from n/a through = 1.0.2...
CVE-2025-46478
CVE-2025-46478 : WordPress plugin Dropdown Content is affected by a stored XSS due to improper input neutralization during page generation. Affected versions are up to 1.0.2 (n/a through 1.0.2). The Connected documents confirm this is a stored XSS vulnerability and indicate no publicly available ...
CVE-2025-46478 WordPress Dropdown Content plugin <= 1.0.2 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in metaloha Dropdown Content dropdown-content allows Stored XSS.This issue affects Dropdown Content: from n/a through = 1.0.2...
CVE-2025-46478 WordPress Dropdown Content <= 1.0.2 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in metaloha Dropdown Content allows Stored XSS. This issue affects Dropdown Content: from n/a through 1.0.2...
WordPress plugin Dropdown Content 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-17792 · Unknown · Metaloha Dropdown Content
Name of the Vulnerable Software and Affected Versions: metaloha Dropdown Content versions n/a through 1.0.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS in metaloha Dropdown Content...
Malicious code in @sporta-technology/d11-web-components.list-item.list-item-dropdown (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in @sporta-technology/d11-web-components.dropdown (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-3326 Malicious code in @sporta-technology/d11-web-components.dropdown (npm)
--- -= Per source details. Do not edit below this line.=-...