CVE-2025-32188 WordPress Advanced Woo Labels plugin <= 2.14 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ILLID Advanced Woo Labels allows Stored XSS. This issue affects Advanced Woo Labels: from n/a through 2.14...

CVE-2025-32188 WordPress Advanced Woo Labels plugin <= 2.15 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ILLID Advanced Woo Labels advanced-woo-labels allows Stored XSS.This issue affects Advanced Woo Labels: from n/a through = 2.15...

CVE-2025-32188

CVE-2025-32188 - Stored XSS in Advanced Woo Labels (WordPress plugin) Affected software: Advanced Woo Labels (a.k.a. Advanced Woo Labels – Product Labels for WooCommerce) versions up to 2.15 (per connected data; CVE notes up to 2.14). Root cause: Improper neutralization of input during web page g...

WordPress Advanced Woo Labels plugin <= 2.15 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by savphill in WordPress Plugin Advanced Woo Labels versions = 2.15...

WordPress plugin Advanced Woo Labels 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabili...

PT-2025-14970 · Unknown · Illid Advanced Woo Labels

Name of the Vulnerable Software and Affected Versions: ILLID Advanced Woo Labels versions n/a through 2.14 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can...

DEBIAN-CVE-2025-21958

In the Linux kernel, the following vulnerability has been resolved: Revert "openvswitch: switch to per-action label counting in conntrack" Currently, ovsctsetlabels is only called for confirmed conntrack entries ct within ovsctcommit. However, if the conntrack entry does not have the labelsext...

UBUNTU-CVE-2025-21958

In the Linux kernel, the following vulnerability has been resolved: Revert "openvswitch: switch to per-action label counting in conntrack" Currently, ovsctsetlabels is only called for confirmed conntrack entries ct within ovsctcommit. However, if the conntrack entry does not have the labelsext...

CVE-2025-21958 Revert "openvswitch: switch to per-action label counting in conntrack"

In the Linux kernel, the following vulnerability has been resolved: Revert "openvswitch: switch to per-action label counting in conntrack" Currently, ovsctsetlabels is only called for confirmed conntrack entries ct within ovsctcommit. However, if the conntrack entry does not have the labelsext...

CVE-2024-10638

The Product Labels For Woocommerce Sale Badges WordPress plugin before 1.5.11 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks...

SUSE CVE-2025-30163

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Node based network policies fromNodes and toNodes will incorrectly permit traffic to/from non-node endpoints that share the labels specified in fromNodes and toNodes sections of network policies. Node based...

WordPress Product Labels For Woocommerce plugin < 1.5.9 - Admin+ SQLi vulnerability

Admin+ SQLi vulnerability discovered by tu3n4nh in WordPress Plugin Product Labels For Woocommerce versions 1.5.9...

WordPress Product Labels For Woocommerce plugin < 1.5.11 - Admin+ SQLi vulnerability

Admin+ SQLi vulnerability discovered by tu3n4nh in WordPress Plugin Product Labels For Woocommerce versions 1.5.11...

CVE-2024-12109 Product Labels For Woocommerce < 1.5.9 - Admin+ SQLi

The Product Labels For Woocommerce Sale Badges WordPress plugin before 1.5.9 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks...

CVE-2024-12109 Product Labels For Woocommerce < 1.5.9 - Admin+ SQLi

The Product Labels For Woocommerce Sale Badges WordPress plugin before 1.5.9 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks...

CVE-2024-10638

The CVE-2024-10638 entry concerns the WordPress plugin Product Labels For Woocommerce (Sale Badges) prior to version 1.5.11. The issue is a SQL injection vulnerability caused by not sanitizing/escaping a parameter before it is used in a SQL statement. Impact is admins with high privileges could p...

CVE-2024-10638 Product Labels For Woocommerce < 1.5.11 - Admin+ SQLi

The Product Labels For Woocommerce Sale Badges WordPress plugin before 1.5.11 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks...

WordPress plugin Product Labels For Woocommerce (Sale Badges) 安全漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers. A security vulnerability exists in WordPress plugin Product...

WordPress plugin Product Labels For Woocommerce (Sale Badges) 安全漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers. A security vulnerability exists in WordPress plugin Product...

PT-2025-12750 · WordPress · The Product Table For Woocommerce

Name of the Vulnerable Software and Affected Versions: Product Labels For Woocommerce Sale Badges versions prior to 1.5.9 Description: The issue allows admins to perform SQL injection attacks due to a parameter not being sanitized and escaped before use in a SQL statement. Recommendations: For...