17 matches found
EUVD-2022-48672
Malicious code in bioql PyPI...
EUVD-2025-2705
Malicious code in bioql PyPI...
CVE-2025-22305
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Essential Plugin Hero Banner Ultimate hero-banner-ultimate allows PHP Local File Inclusion.This issue affects Hero Banner Ultimate: from n/a through = 1.4.4...
CVE-2025-22305
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Essential Plugin Hero Banner Ultimate hero-banner-ultimate allows PHP Local File Inclusion.This issue affects Hero Banner Ultimate: from n/a through = 1.4.4...
CVE-2025-22305
CVE-2025-22305 is an authenticated PHP Local File Inclusion vulnerability in the WordPress plugin Hero Banner Ultimate (and its WP OnlineSupport/Essential Plugin companion) that allows inclusion of local files via an improper filename control in Include/Require. Affected versions are listed as up...
CVE-2025-22305 WordPress Hero Banner Ultimate plugin <= 1.4.4 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Essential Plugin Hero Banner Ultimate hero-banner-ultimate allows PHP Local File Inclusion.This issue affects Hero Banner Ultimate: from n/a through = 1.4.4...
CVE-2025-22305 WordPress Hero Banner Ultimate plugin <= 1.4.2 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WP OnlineSupport, Essential Plugin Hero Banner Ultimate allows PHP Local File Inclusion.This issue affects Hero Banner Ultimate: from n/a through 1.4.2...
PT-2025-4420 · WordPress · Hero Banner Ultimate
Name of the Vulnerable Software and Affected Versions: Hero Banner Ultimate versions 1.4.2 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' vulnerability, in WP OnlineSupport,...
WordPress plugin Hero Banner Ultimate 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress Hero Banner Ultimate plugin <= 1.4.4 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin Hero Banner Ultimate versions = 1.4.4...
CVE-2022-45818
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in WP OnlineSupport, Essential Plugin Hero Banner Ultimate plugin = 1.3.4 versions...
Cross site scripting
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in WP OnlineSupport, Essential Plugin Hero Banner Ultimate plugin = 1.3.4 versions...
CVE-2022-45818 WordPress Hero Banner Ultimate Plugin <= 1.3.4 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in WP OnlineSupport, Essential Plugin Hero Banner Ultimate plugin = 1.3.4 versions...
CVE-2022-45818
CVE-2022-45818 is a stored XSS vulnerability in the WordPress plugin Hero Banner Ultimate (
CVE-2022-45818 WordPress Hero Banner Ultimate Plugin <= 1.3.4 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in WP OnlineSupport, Essential Plugin Hero Banner Ultimate plugin = 1.3.4 versions...
WordPress plugin Hero Banner Ultimate 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress Hero Banner Ultimate Plugin <= 1.3.4 is vulnerable to Cross Site Scripting (XSS)
Software Hero Banner Ultimate Type Plugin Vulnerable versions = 1.3.4 Fixed in 1.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-45818 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID f00bc682c547 Credits thiennv Required...