Lucene search
K

8 matches found

CNVD
CNVD
added 2025/10/13 12:0 a.m.2 views

WordPress FancyTabs plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress FancyTabs plugin has a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of the title parameter, which can be exploited b...

6.4CVSS6.1AI score0.00216EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-31694

Malicious code in bioql PyPI...

6.4CVSS6.6AI score0.00216EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/10/01 4:23 a.m.9 views

CVE-2025-8560

The FancyTabs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘title’ parameter in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...

6.4CVSS5AI score0.00216EPSS
Exploits0References1
NVD
NVD
added 2025/09/30 11:37 a.m.10 views

CVE-2025-8560

The FancyTabs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘title’ parameter in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...

6.4CVSS0.00216EPSS
Exploits0References3
CVE
CVE
added 2025/09/30 3:35 a.m.23 views

CVE-2025-8560

CVE-2025-8560 affects the WordPress FancyTabs plugin (versions up to and including 1.1.0). A stored XSS flaw exists in the title parameter due to insufficient input sanitization/escaping. Exploitation requires at least Contributor-level access; an authenticated attacker can inject scripts that ex...

6.4CVSS4.7AI score0.00216EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/09/30 12:16 a.m.6 views

WordPress FancyTabs plugin <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via title Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via title Parameter vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin FancyTabs versions = 1.1.0...

6.4CVSS5.6AI score0.00216EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/09/30 12:0 a.m.4 views

WordPress plugin FancyTabs 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress FancyTabs plugin has a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of the title parameter, which can be exploited b...

6.4CVSS6AI score0.00216EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/09/30 12:0 a.m.6 views

PT-2025-39940

Name of the Vulnerable Software and Affected Versions FancyTabs plugin for WordPress versions prior to 1.1.1 Description The FancyTabs plugin for WordPress is susceptible to Stored Cross-Site Scripting. This is due to insufficient input sanitization and output escaping in the title parameter...

6.4CVSS5.9AI score0.00216EPSS
Exploits0References6
Rows per page
Query Builder