22 matches found
EUVD-2026-14525
MantisBT has Stored HTML Injection/XSS when displaying Tags in Timeline...
Cross-site Scripting (XSS)
Overview: mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via improper escaping of tag names retrieved from History in the Timeline. An attacker can execute arbitrary HTML or JavaScript code in the context of the affected...
CVE-2026-33548
Mantis Bug Tracker (MantisBT) is an open source issue tracker. In version 2.28.0, improper escaping of tag names retrieved from History in Timeline (my_view_page.php) allows an attacker to inject HTML and, if CSP settings permit, achieve execution of arbitrary JavaScript, when displaying a tag that has...
PT-2026-27183
Name of the Vulnerable Software and Affected Versions: Mantis Bug Tracker versions prior to 2.28.1. Description: Mantis Bug Tracker version 2.28.0 contains a flaw due to improper escaping of tag names retrieved from History in the Timeline feature, specifically within the my_view_page.php file. This...
CVE-2025-62150
Missing Authorization vulnerability in themesawesome History Timeline timeline-awesome allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects History Timeline: from n/a through <= 1.0.6...
EUVD-2025-206009
Missing Authorization vulnerability in Themesawesome History Timeline allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects History Timeline: from n/a through 1.0.6...
CVE-2025-62150 WordPress History Timeline plugin <= 1.0.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in themesawesome History Timeline timeline-awesome allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects History Timeline: from n/a through <= 1.0.6...
CVE-2025-62150
Technical details for CVE-2025-62150 are not provided in the supplied documents. Public information about affected plugin/version, exploitation, impact, or fixes is not present here; monitor for updates.
CVE-2025-62150 WordPress History Timeline plugin <= 1.0.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in Themesawesome History Timeline allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects History Timeline: from n/a through 1.0.6...
WordPress History Timeline plugin <= 1.0.6 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin History Timeline versions <= 1.0.6...
WordPress plugin History Timeline security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security vulnerabili...
PT-2025-54369
Name of the Vulnerable Software and Affected Versions: Themesawesome History Timeline versions through 1.0.6. Description: A missing authorization flaw exists in Themesawesome History Timeline, stemming from incorrectly configured access control security levels. This allows for potential exploitatio...
EUVD-2025-3201
Malicious code in bioql PyPI...
EUVD-2022-39963
Malicious code in bioql PyPI...
CVE-2025-23475 WordPress History timeline plugin <= 0.7.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fireantology History timeline history-timeline allows Reflected XSS. This issue affects History timeline: from n/a through <= 0.7.2...
WordPress plugin History timeline cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
WordPress History timeline plugin <= 0.7.2 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting (XSS) vulnerability discovered by SOPROBRO in WordPress Plugin History timeline versions <= 0.7.2...
CVE-2022-37328 WordPress History Timeline plugin <= 1.0.5 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated (author+) Stored Cross-Site Scripting (XSS) vulnerability in Themes Awesome History Timeline plugin <= 1.0.5 at WordPress...