3 matches found
CVE-2026-15099
The Delicious Recipes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'steps' block attribute in versions up to, and including, 1.10.2. This is due to insufficient input sanitization and output escaping in the wrapdirectiontext function, which interpolates the...
EUVD-2022-37428
Malicious code in bioql PyPI...
CVE-2022-34473
The HTML Sanitizer should have sanitized the href attribute of SVG use tags; however it incorrectly did not sanitize xlink:href attributes. This vulnerability affects Firefox 102...