WordPress Football Pool Plugin <= 2.12.6 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Football Pool versions = 2.12.6...

CVE-2025-53280 WordPress Football Pool plugin <= 2.12.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AntoineH Football Pool football-pool allows Stored XSS.This issue affects Football Pool: from n/a through = 2.12.5...

WordPress plugin Football Pool 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2025-5490

CVE-2025-5490 : Football Pool for WordPress is vulnerable to stored XSS via admin settings in all versions up to 2.12.4. The issue arises from insufficient input sanitization and output escaping, exploitable by authenticated attackers with administrator-level permissions (and above) on multi-site...

CVE-2025-5490 Football Pool <= 2.12.4 - Authenticated (Administrator+) Stored Cross-Site Scripting

The Football Pool plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.12.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions...

WordPress plugin Football Pool 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-26209 · WordPress · Football-Pool

Name of the Vulnerable Software and Affected Versions: Football Pool plugin for WordPress versions up to, and including, 2.12.4 Description: The issue is related to Stored Cross-Site Scripting via admin settings due to insufficient input sanitization and output escaping. This allows authenticated...

CVE-2025-30764 WordPress Football Pool plugin <= 2.12.2 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross-Site Request Forgery CSRF vulnerability in AntoineH Football Pool football-pool allows Cross Site Request Forgery.This issue affects Football Pool: from n/a through = 2.12.2...

CVE-2025-30764 WordPress Football Pool plugin <= 2.12.2 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross-Site Request Forgery CSRF vulnerability in AntoineH Football Pool football-pool allows Cross Site Request Forgery.This issue affects Football Pool: from n/a through = 2.12.2...

WordPress plugin Football Pool 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Football Pool plugin <= 2.11.10 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Football Pool versions = 2.11.10...

WordPress Football Pool Plugin <= 2.11.3 is vulnerable to Cross Site Scripting (XSS)

Software Football Pool Type Plugin Vulnerable versions = 2.11.3 Fixed in 2.11.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE N/A Patch priority Low CVSS severity Low 6.4 Developer Claim ownership PSID 55a90c79eb31 Credits WordFence Required privilege...

CVE-2017-18524

The football-pool plugin before 2.6.5 for WordPress has multiple XSS issues...

CVE-2017-18524

The football-pool plugin before 2.6.5 for WordPress has multiple XSS issues...

CVE-2017-18524

The football-pool WordPress plugin (before 2.6.5) has multiple XSS vulnerabilities. Affected component: football-pool plugin for WordPress; root cause: multiple cross-site scripting issues. Impact is client-side code execution in some contexts; exploitation status is not provided in the documents...

CVE-2017-18524

The football-pool plugin before 2.6.5 for WordPress has multiple XSS issues...

WordPress Football Pool Plugin <= 2.6.3 - Authenticated Arbitrary File Upload Vulnerability

WordPress Football Pool Plugin Authenticated Arbitrary File Upload Vulnerability was found in 2.6.3 version. The function didn’t include any restriction on what type of files can be uploaded Solution Update the plugin...