8 matches found
EUVD-2025-27520
Malicious code in bioql PyPI...
CVE-2025-9857
The Heateor Login – Social Login Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'HeateorFacebookLogin' shortcode in all versions up to, and including, 1.1.9 due to insufficient input sanitization and output escaping on user supplied attributes. This make...
WordPress Heateor Login plugin cross-site scripting vulnerability
WordPress Heateor Login plugin is a social login plugin for WordPress, which supports users to realize one-click login and registration function through 23 social networks such as Facebook, Twitter, LinkedIn, Google and so on. A cross-site scripting vulnerability exists in the WordPress Heateor...
CVE-2025-9857
The Heateor Login – Social Login Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'HeateorFacebookLogin' shortcode in all versions up to, and including, 1.1.9 due to insufficient input sanitization and output escaping on user supplied attributes. This make...
CVE-2025-9857 Heateor Login – Social Login Plugin <= 1.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Heateor Login – Social Login Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'HeateorFacebookLogin' shortcode in all versions up to, and including, 1.1.9 due to insufficient input sanitization and output escaping on user supplied attributes. This make...
CVE-2025-9857
The CVE-2025-9857 entry refers to the WordPress plugin Heateor Login – Social Login Plugin. AStored Cross-Site Scripting vulnerability exists in the shortcode Heateor_Facebook_Login, affecting all versions up to and including 1.1.9 due to insufficient input sanitization and output escaping on use...
WordPress plugin Heateor Login 跨站脚本漏洞
WordPress Heateor Login plugin is a social login plugin for WordPress, which supports users to realize one-click login and registration function through 23 social networks such as Facebook, Twitter, LinkedIn, Google and so on. A cross-site scripting vulnerability exists in the WordPress Heateor...
WordPress Heateor Login – Social Login Plugin plugin <= 1.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Gilang in WordPress Plugin Heateor Login versions = 1.1.9...