18 matches found
CVE-2025-67952
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Grand Tour grandtour allows Reflected XSS.This issue affects Grand Tour: from n/a through 5.6.2...
CVE-2025-67952
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Grand Tour grandtour allows Reflected XSS.This issue affects Grand Tour: from n/a through 5.6.2...
CVE-2025-67952 WordPress Grand Tour theme < 5.6.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Grand Tour grandtour allows Reflected XSS.This issue affects Grand Tour: from n/a through 5.6.2...
CVE-2025-67952
CVE-2025-67952 is a reflected XSS in the WordPress ThemeGoods Grand Tour theme prior to version 5.6.2. The initial record confirms the vulnerability and affected version, with remediation via upgrading to 5.6.2 or later (patched). The connected sources also catalog the same CVE across multiple fe...
CVE-2025-67952 WordPress Grand Tour theme < 5.6.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Grand Tour grandtour allows Reflected XSS.This issue affects Grand Tour: from n/a through 5.6.2...
CVE-2025-67952
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Grand Tour grandtour allows Reflected XSS.This issue affects Grand Tour: from n/a through 5.6.2...
PT-2026-4032
Name of the Vulnerable Software and Affected Versions ThemeGoods Grand Tour versions prior to 5.6.2 Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a potential Reflected Cross-site Scripting XSS issue. This could allow an...
WordPress plugin Grand Tour has a cross-site scripting vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress Grand Tour theme < 5.6.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Grand Tour versions 5.6.2...
EUVD-2025-27958
Malicious code in bioql PyPI...
CVE-2025-39485
Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Tour grandtour allows Object Injection.This issue affects Grand Tour: from n/a through = 5.6...
CVE-2025-39485
Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Tour | Travel Agency WordPress allows Object Injection. This issue affects Grand Tour | Travel Agency WordPress: from n/a through 5.5.1...
CVE-2025-39485
Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Tour grandtour allows Object Injection.This issue affects Grand Tour: from n/a through = 5.6...
CVE-2025-39485
CVE-2025-39485 concerns the Grand Tour | Travel Agency WordPress theme deserializing untrusted data, enabling PHP object injection in versions up to 5.5.1. Public sources confirm a WordPress theme vulnerability with a critical CVSS 9.8, affecting the Grand Tour theme and labeled as unpatched in t...
CVE-2025-39485 WordPress GrandTour Theme <= 5.5.1 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Tour | Travel Agency WordPress allows Object Injection. This issue affects Grand Tour | Travel Agency WordPress: from n/a through 5.5.1...
PT-2025-22701 · WordPress · Grand Tour
Name of the Vulnerable Software and Affected Versions: Grand Tour | Travel Agency WordPress versions through 5.5.1 Description: The issue is related to Deserialization of Untrusted Data, which allows Object Injection. This can potentially be exploited by injecting malicious objects into the...
WordPress plugin Grand Tour | Travel Agency 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists in...
rvtrader.com XSS vulnerability
Open Bug Bounty ID: OBB-553453 Description| Value ---|--- Affected Website:| rvtrader.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...