169 matches found
Header Footer Code Manager < 1.1.14 - Admin+ SQL Injection
The Header Footer Code Manager WordPress plugin before 1.1.14 does not validate and escape the "orderby" and "order" request parameters before using them in a SQL statement when viewing the Snippets admin dashboard, leading to SQL injections id: CVE-2021-24791 info: name: Header Footer Code Manag...
Dotnetnuke 9.0.x < 9.13.10 / 10.0.x < 10.02.00 Potential XSS vulnerability in modules' header and footer (CVE-2026-24784)
According to its self-reported version, the instance of Dotnetnuke running on the remote web server is 9.0.x prior to 9.13.10 or 10.0.x prior to 10.02.00. It is, therefore, affected by a vulnerability. - DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsof...
WordPress NinjaTeam Header Footer Custom Code plugin <= 1.2 - Admin+ Stored XSS via CSS Styles vulnerability
Admin+ Stored XSS via CSS Styles vulnerability discovered by Bob Matyas in WordPress Plugin NinjaTeam Header Footer Custom Code versions = 1.2...
CVE-2025-11453
The Header and Footer Scripts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the inpostheadscript parameter in all versions up to, and including, 2.3.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-11453 Header and Footer Scripts <= 2.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Header and Footer Scripts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the inpostheadscript parameter in all versions up to, and including, 2.3.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-11453
CVE-2025-11453 affects the Header and Footer Scripts WordPress plugin. Root cause: insufficient input sanitization and output escaping in _inpost_head_script, enabling Stored XSS. Affected versions up to 2.2.2; Wordfence notes patching in subsequent releases (2.3.0+). Impact: authenticated attack...
CVE-2024-2619
The Elementor Header & Footer Builder for WordPress is vulnerable to HTML Injection in all versions up to, and including, 1.6.26 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level permissions and above, to inject...
EUVD-2025-203203
The Header Footer Script Adder – Insert Code in Header, Body & Footer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the script adder present in posts in all versions up to, and including, 2.0.5 due to insufficient input sanitization and output escaping. This makes it...
CVE-2025-12109
The Header Footer Script Adder – Insert Code in Header, Body & Footer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the script adder present in posts in all versions up to, and including, 2.0.5 due to insufficient input sanitization and output escaping. This makes it...
CVE-2025-12109 Header Footer Script Adder – Insert Code in Header, Body & Footer <= 2.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Header Footer Script Adder – Insert Code in Header, Body & Footer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the script adder present in posts in all versions up to, and including, 2.0.5 due to insufficient input sanitization and output escaping. This makes it...
WordPress plugin Header Footer Script Adder 跨站脚本漏洞
WordPress Header Footer Script Adder plugin is a plugin that allows users to insert custom code in the header and footer areas of a website. The WordPress Header Footer Script Adder plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective...
PT-2025-51058
The Header Footer Script Adder – Insert Code in Header, Body & Footer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the script adder present in posts in all versions up to, and including, 2.0.5 due to insufficient input sanitization and output escaping. This makes it...
Malicious code in epic-ue-header-footer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8916b8659dcf92d4ab60426bcf793346da11211f92f9499c8b445410cc453246 The package epic-ue-header-footer was found to contain malicious code...
EUVD-2025-37090
Malicious code in epic-ue-header-footer npm...
MAL-2025-49203 Malicious code in epic-ue-header-footer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8916b8659dcf92d4ab60426bcf793346da11211f92f9499c8b445410cc453246 The package epic-ue-header-footer was found to contain malicious code...
EUVD-2021-11703
Malware in sbrugna...
EUVD-2024-45461
Malicious code in bioql PyPI...
EUVD-2024-33303
Malicious code in bioql PyPI...
EUVD-2023-54538
Malicious code in bioql PyPI...
EUVD-2024-46909
Malicious code in bioql PyPI...