CVE-2026-4142 Sentence To SEO (keywords, description and tags) <= 1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Permanent keywords' Field

The Sentence To SEO keywords, description and tags plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Permanent keywords' field in all versions up to and including 1.0. This is due to insufficient input sanitization and output escaping. The plugin reads user input via...

CVE-2026-4142 Sentence To SEO (keywords, description and tags) <= 1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Permanent keywords' Field

The Sentence To SEO keywords, description and tags plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Permanent keywords' field in all versions up to and including 1.0. This is due to insufficient input sanitization and output escaping. The plugin reads user input via...

CVE-2019-25693

ResourceSpace 8.6 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the keywords parameter in collectionedit.php. Attackers can submit POST requests with crafted SQL payloads in the keywords field to...

CVE-2018-19465

Maccms through 8.0 allows XSS via the sitekeywords field to index.php?m=system-config because of tpl/module/system.php and tpl/html/systemconfig.html, related to template/paody/html/vodindex.html...

EUVD-2020-7526

Malware in sbrugna...

CVE-2020-15539

SQL injection can occur in We-com Municipality portal CMS 2.1.x via the cerca/ keywords field...

Recipes 跨站脚本漏洞

Recipes are apps for managing recipes, planning meals, creating shopping lists, and more. A cross-site scripting vulnerability exists in Recipes versions 0.17.0 through 1.2.5, which stems from the vulnerability to stored cross-site scripting XSS in the "Name" field of the Keywords, Foods, and Uni...

CVE-2020-18165

Cross Site Scripting XSS in LAOBANCMS v2.0 allows remote attackers to execute arbitrary code by injecting commands into the "Website SEO Keywords" field on the page "admin/info.php?shuyu"...

CVE-2020-15539

SQL injection can occur in We-com Municipality portal CMS 2.1.x via the cerca/ keywords field...

CVE-2020-15539

SQL injection can occur in We-com Municipality portal CMS 2.1.x via the cerca/ keywords field...

Sql injection

SQL injection can occur in We-com Municipality portal CMS 2.1.x via the cerca/ keywords field...

CVE-2020-15539

SQL injection can occur in We-com Municipality portal CMS 2.1.x via the cerca/ keywords field...

CVE-2018-18739

An XSS issue was discovered in SEMCMS 3.4 via the admin/SEMCMSProducts.php?lgid=1 Keywords field...

Cross site scripting

An XSS issue was discovered in SEMCMS 3.4 via the admin/SEMCMSProducts.php?lgid=1 Keywords field...

SEMCMS Cross-Site Scripting Vulnerability (CNVD-2019-01724)

SEMCMS is a foreign trade web content management system CMS that supports multiple languages. A cross-site scripting vulnerability exists in SEMCMS version 3.4, which can be exploited by remote attackers to inject arbitrary Web script or HTML into the Keywords field of the...

CVE-2018-18739

An XSS issue was discovered in SEMCMS 3.4 via the admin/SEMCMSProducts.php?lgid=1 Keywords field...