EUVD-2025-11622

Malicious code in bioql PyPI...

CVE-2025-27288

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BjornW File Icons file-icons allows Reflected XSS.This issue affects File Icons: from n/a through = 2.1...

CVE-2025-27288

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BjornW File Icons file-icons allows Reflected XSS.This issue affects File Icons: from n/a through = 2.1...

CVE-2025-27288 WordPress File Icons Plugin <= 2.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BjornW File Icons file-icons allows Reflected XSS.This issue affects File Icons: from n/a through = 2.1...

CVE-2025-27288

CVE-2025-27288 : WordPress WordPress File Icons plugin (versions n/a–2.1) is affected by a Reflected XSS due to improper input neutralization during page generation. CVSS v3.1 base score 7.1 (HIGH); vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L. Affected product: File Icons plugin for Word...

CVE-2025-27288 WordPress File Icons Plugin <= 2.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BjornW File Icons file-icons allows Reflected XSS.This issue affects File Icons: from n/a through = 2.1...

PT-2025-17055 · Unknown · Bjornw File Icons

Name of the Vulnerable Software and Affected Versions: BjornW File Icons versions n/a through 2.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. This enables potential attackers to injec...

WordPress plugin File Icons 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress File Icons Plugin <= 2.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin File Icons versions = 2.1...

CVE-2024-6309

The Attachment File Icons AF Icons plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary File Upload in versions up to, and including, 1.3. This is due to missing nonce validation in the 'afioverview' function and missing file type validation in the 'uploadicons' function...

WordPress Attachment File Icons (AF Icons) plugin <= 1.3 - Cross-Site Request Forgery to Arbitrary File Upload vulnerability

Cross-Site Request Forgery to Arbitrary File Upload vulnerability discovered by István Márton in WordPress Plugin Attachment File Icons versions = 1.3...

WordPress Attachment File Icons Plugin <= 1.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software Attachment File Icons Type Plugin Vulnerable versions = 1.3 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-6309 Patch priority Low CVSS severity Low 9.6 Developer Claim ownership PSID c3b98b264536 Credits István Márton...

WordPress plugin Attachment File Icons security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

OPENSUSE-SU-2021:0145-1 Security update for viewvc

This update for viewvc fixes the following issues: - update to 1.1.28 boo1167974, CVE-2020-5283: security fix: escape subdir lastmod file name 211 fix standalone.py first request failure 195 suppress stack traces with option to show 140 distinguish text/binary/image files by icons 166, 175 colori...

Security update for viewvc (moderate)

openSUSE Security Update: Security update for viewvc Announcement ID: openSUSE-SU-2021:0119-1 Rating: moderate References: 1167974 Cross-References: CVE-2020-5283 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes one vulnerability is now available. Description: This update for...

Security update for viewvc (moderate)

openSUSE Security Update: Security update for viewvc Announcement ID: openSUSE-SU-2021:0084-1 Rating: moderate References: 1167974 Cross-References: CVE-2020-5283 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for viewvc fix...