CVE-2025-13895

The Top Position Google Finance plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $SERVER'PHPSELF' variable in all versions up to, and including, 0.1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

CVE-2025-13895 Top Position Google Finance <= 0.1.0 - Reflected Cross-Site Scripting

The Top Position Google Finance plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $SERVER'PHPSELF' variable in all versions up to, and including, 0.1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

CVE-2025-13895 Top Position Google Finance <= 0.1.0 - Reflected Cross-Site Scripting

The Top Position Google Finance plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $SERVER'PHPSELF' variable in all versions up to, and including, 0.1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

WordPress Top Position Google Finance plugin <= 0.1.0 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin Top Position Google Finance versions = 0.1.0...

WordPress plugin Top Position Google Finance 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to set up a personal blog site on a PHP and MySQL based...

PT-2026-1722

Name of the Vulnerable Software and Affected Versions Top Position Google Finance versions up to and including 0.1.0 Description The Top Position Google Finance plugin for WordPress is susceptible to Reflected Cross-Site Scripting due to inadequate input sanitization and output escaping. This...

Google Finance was traced to reflected File Download(RFD)vulnerabilities-vulnerability warning-the black bar safety net

! A Portuguese network security expert David Sopas found the impact of Google Finance a reflected File DownloadRFDvulnerabilities. I'm in audits of other clients time to discover this vulnerability, through RFD, you need to establish a page to force the download. This Google JSON file of the...

gfinance-xss.txt

I am Fugitif and on this small tutorial I want to show you how can work one vulnerable XSS Alert Bug on Google.com. To be more precise our link is http://finance.google.com Ok..My XSS alert is here http://finance.google.com/finance/portfolio?action=add&hash How you see in the screen we need...