5661 matches found
EUVD-2025-12006
Malicious code in bioql PyPI...
EUVD-2024-40074
Malicious code in bioql PyPI...
CVE-2025-0876
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Isin Basi Advertisement Information Technologies Trade Inc. IT's Workif allows Cross-Site Scripting XSS. This issue affects IT's Workif: through 20251003. NOTE: The vendor was contacted earl...
Workif 跨站脚本漏洞
Workif is a customer tracking management software from Workif Turkey. A cross-site scripting vulnerability exists in Workif 20251003 and earlier versions, which stems from improper input neutralization and could lead to cross-site scripting attacks...
Chef Software Chef Automate SQL注入漏洞
Chef Software Chef Automate is an automation platform from Chef Software for automating and managing infrastructure, applications, and compliance to help organizations achieve continuous delivery, automated operations, and security compliance. A SQL injection vulnerability exists in Chef Software...
CVE-2025-60138
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sonalsinha21 SKT Blocks skt-blocks allows Stored XSS.This issue affects SKT Blocks: from n/a through = 2.6...
CVE-2025-60163
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Robin W bbp topic count bbp-topic-count allows DOM-Based XSS.This issue affects bbp topic count: from n/a through = 3.2...
CVE-2025-6396 XSS in Webbeyaz's web site
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Webbeyaz Website Design Website Software allows Cross-Site Scripting XSS. This issue affects Website Software: through 2025.07.14...
CVE-2025-60162
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins Job Board Manager job-board-manager allows DOM-Based XSS.This issue affects Job Board Manager: from n/a through = 2.1.61...
CVE-2025-60163
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Robin W bbp topic count bbp-topic-count allows DOM-Based XSS.This issue affects bbp topic count: from n/a through = 3.2...
CVE-2025-60133
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DJ-Extensions.com PE Easy Slider pe-easy-slider allows Stored XSS.This issue affects PE Easy Slider: from n/a through = 1.1.0...
CVE-2025-60179 WordPress Click & Tweet Plugin <= 0.8.9 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Space Studio Click & Tweet allows Stored XSS. This issue affects Click & Tweet: from n/a through 0.8.9...
CVE-2025-60177
CVE-2025-60177 describes a Stored XSS in the Recaptcha – wp WordPress plugin. Affected: Recaptcha – wp from n/a through 0.2.6. Root cause: improper neutralization of input during web page generation. Impact per CVSS: Confidentiality/Integrity/Availability Low, but attacker requires High privilege...
CVE-2025-60154 WordPress MWW Disclaimer Buttons plugin <= 3.41 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jennifer Moss MWW Disclaimer Buttons mww-disclaimer-buttons allows Stored XSS.This issue affects MWW Disclaimer Buttons: from n/a through = 3.41...
CVE-2025-60105 WordPress Ditty Plugin <= 3.1.58 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in metaphorcreations Ditty ditty-news-ticker allows Stored XSS.This issue affects Ditty: from n/a through = 3.1.58...
CVE-2025-48107 WordPress Uncode theme < 2.9.4.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in undsgn Uncode uncode allows Reflected XSS.This issue affects Uncode: from n/a through 2.9.4.4...
PT-2025-39592
Name of the Vulnerable Software and Affected Versions Notely versions through 1.8.0 Description The software contains a flaw related to improper input handling during web page generation, which allows for Stored Cross-site Scripting XSS. This means an attacker could potentially inject malicious...
WordPress plugin Woostify 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...
PT-2025-39616
Name of the Vulnerable Software and Affected Versions Space Studio Click & Tweet versions through 0.8.9 Description The software contains a flaw related to improper handling of user-supplied data during web page creation, which can lead to Cross-site Scripting XSS. This specific instance is a...
WordPress plugin Simple Colorbox 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...