EUVD-2025-19224

Malicious code in bioql PyPI...

CVE-2025-58602 WordPress If-So Dynamic Content Personalization Plugin <= 1.9.4 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in If-So Dynamic Content If-So Dynamic Content Personalization if-so allows Stored XSS.This issue affects If-So Dynamic Content Personalization: from n/a through = 1.9.4...

CVE-2025-49875

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in If-So Dynamic Content If-So Dynamic Content Personalization if-so allows Stored XSS.This issue affects If-So Dynamic Content Personalization: from n/a through = 1.9.3.1...

CVE-2025-49875

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in If-So Dynamic Content If-So Dynamic Content Personalization if-so allows Stored XSS.This issue affects If-So Dynamic Content Personalization: from n/a through = 1.9.3.1...

CVE-2025-49875 WordPress If-So Dynamic Content Personalization plugin <= 1.9.3.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in IfSo Dynamic Content If-So Dynamic Content Personalization allows Stored XSS. This issue affects If-So Dynamic Content Personalization: from n/a through 1.9.3.1...

CVE-2025-49875 WordPress If-So Dynamic Content Personalization plugin <= 1.9.3.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in If-So Dynamic Content If-So Dynamic Content Personalization if-so allows Stored XSS.This issue affects If-So Dynamic Content Personalization: from n/a through = 1.9.3.1...

CVE-2025-49875

CVE-2025-49875 is a Stored XSS in the WordPress plugin If-So Dynamic Content Personalization (versions up to 1.9.3.1). Public sources confirm impact as Cross Site Scripting via input handling in web page generation. The vulnerability affects the If-So Dynamic Content Personalization plugin; explo...

PT-2025-21478 · WordPress · If-So Dynamic Content Personalization

Name of the Vulnerable Software and Affected Versions: If-So Dynamic Content Personalization WordPress plugin versions prior to 1.8.0.3 Description: The issue concerns the If-So Dynamic Content Personalization WordPress plugin, where it fails to validate and escape certain shortcode attributes...

CVE-2024-10796

CVE-2024-10796 (If-So Dynamic Content Personalization, WordPress) The WordPress plugin is vulnerable to information exposure on all versions up to 1.9.2.1 via the ifso-show-post shortcode due to insufficient post access restrictions. Authenticated attackers with Contributor level or higher could ...

CVE-2024-6070 if-so < 1.8.0.4 - Admin+ Stored XSS

The If-So Dynamic Content Personalization WordPress plugin before 1.8.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...

PT-2024-37364 · WordPress · If-So Dynamic Content Personalization

Name of the Vulnerable Software and Affected Versions: If-So Dynamic Content Personalization WordPress plugin versions prior to 1.8.0.4 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This can occur even when the unfiltered html...