12 matches found
CVE-2026-1189
The LeadBI Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'formid' parameter of the 'leadbiform' shortcode in all versions up to, and including, 1.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes i...
CVE-2026-1189 LeadBI Plugin for WordPress <= 1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'form_id' Shortcode Attribute
The LeadBI Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'formid' parameter of the 'leadbiform' shortcode in all versions up to, and including, 1.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes i...
CVE-2026-1189 LeadBI Plugin for WordPress <= 1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'form_id' Shortcode Attribute
The LeadBI Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'formid' parameter of the 'leadbiform' shortcode in all versions up to, and including, 1.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes i...
PT-2026-4603
The LeadBI Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'form id' parameter of the 'leadbi form' shortcode in all versions up to, and including, 1.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes...
WordPress plugin LeadBI Plugin for WordPress Cross-Site Script Vulnerabilities
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...
EUVD-2025-35501
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in leadbi LeadBI Plugin for WordPress leadbi allows Stored XSS.This issue affects LeadBI Plugin for WordPress: from n/a through = 1.7...
CVE-2025-49960
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in leadbi LeadBI Plugin for WordPress leadbi allows Stored XSS.This issue affects LeadBI Plugin for WordPress: from n/a through = 1.7...
CVE-2025-49960 WordPress LeadBI Plugin for WordPress plugin <= 1.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in leadbi LeadBI Plugin for WordPress leadbi allows Stored XSS.This issue affects LeadBI Plugin for WordPress: from n/a through = 1.7...
CVE-2025-49960 WordPress LeadBI Plugin for WordPress plugin <= 1.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in leadbi LeadBI Plugin for WordPress leadbi allows Stored XSS.This issue affects LeadBI Plugin for WordPress: from n/a through = 1.7...
PT-2025-43221
Name of the Vulnerable Software and Affected Versions LeadBI Plugin for WordPress versions through 1.7 Description The LeadBI Plugin for WordPress contains a flaw related to improper input handling during web page generation, which allows for Stored Cross-site Scripting XSS. This means that...
WordPress plugin LeadBI 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
WordPress LeadBI Plugin for WordPress plugin <= 1.7 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Mika in WordPress Plugin LeadBI Plugin for WordPress versions = 1.7...