WordPress plugin tagDiv Composer 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. There is a...

EUVD-2026-8845

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in villatheme WooCommerce Photo Reviews woocommerce-photo-reviews allows Code Injection.This issue affects WooCommerce Photo Reviews: from n/a through = 1.4.4...

CVE-2026-22422

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in wpeverest Everest Forms everest-forms allows Code Injection.This issue affects Everest Forms: from n/a through = 3.4.1...

CVE-2025-58412

Fortinet FortiADC products are affected by a vulnerability described as improper neutralization of script-related HTML tags (basic XSS). Affected are FortiADC 8.0.0, 7.6.0–7.6.3, all 7.4 versions, and all 7.2 versions. The issue could let an attacker craft a URL to execute unauthorized code or co...

PT-2025-45211

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Easy Appointments Easy Appointments easy-appointments allows Code Injection.This issue affects Easy Appointments: from n/a through = 3.12.14...

CVE-2025-59573

CVE-2025-59573: Cozy Blocks (Cozy Themes) for WordPress vulnerable to unauthenticated arbitrary shortcode execution via improper neutralization of script-related HTML; affected versions up to 2.1.29; patch available in 2.1.29; CVSS 3.1 Base 5.3 (Medium).

Django 安全漏洞

Django is a set of open source web application frameworks based on the Python language from the Django Foundation. The framework includes an object-oriented mapper, view system, template system, and more. A security vulnerability exists in Django versions prior to 4.2.21, 5.1.9, and 5.2.1, which...

Stirling-PDF 安全漏洞

Stirling-PDF is a powerful, locally hosted, web-based PDF manipulation tool using Docker, open-sourced by Stirling Tools. A security vulnerability exists in Stirling-PDF versions prior to 0.45.0, which stems from a flaw in WeasyPrint's handling of HTML tags that could lead to server-side request...

WordPress plugin Ketchup Shortcodes 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

Mozilla: Improper handling of html and body tags enabled CSP nonce leakage

The Mozilla Foundation Security Advisory describes this flaw as: Using a markup injection an attacker could have stolen nonce values. This could have been used to bypass strict content security policies...

UBIT Student Information Management System 跨站脚本漏洞

UBIT Student Information Management System is a student management system from UBIT. A security vulnerability exists in UBIT Student Information Management System prior to version 20211126, which is an XSS vulnerability that stems from improperly neutralizing HTML-related tags in web pages...