65 matches found
VulnCheck KEV: CVE-2025-54726
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Miguel Useche JS Archive List jquery-archive-list-widget allows SQL Injection.This issue affects JS Archive List: from n/a through 6.1.6...
CVE-2026-32513
Deserialization of Untrusted Data vulnerability in Miguel Useche JS Archive List jquery-archive-list-widget allows Object Injection.This issue affects JS Archive List: from n/a through = 6.1.7...
EUVD-2026-15870
Deserialization of Untrusted Data vulnerability in Miguel Useche JS Archive List jquery-archive-list-widget allows Object Injection.This issue affects JS Archive List: from n/a through = 6.1.7...
CVE-2026-32513
Deserialization of Untrusted Data vulnerability in Miguel Useche JS Archive List jquery-archive-list-widget allows Object Injection.This issue affects JS Archive List: from n/a through = 6.1.7...
PT-2026-28027
Name of the Vulnerable Software and Affected Versions JS Archive List versions through 6.1.7 Description A flaw exists in the deserialization of untrusted data within the jquery-archive-list-widget component of JS Archive List, potentially allowing for object injection. Recommendations Update JS...
WordPress Element Pack Elementor Addons plugin <= 5.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Price List Widget vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Price List Widget vulnerability discovered by wesley wcraft in WordPress Plugin Element Pack Elementor Addons versions = 5.6.0...
CVE-2025-23952
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ntm custom-field-list-widget custom-field-list-widget allows PHP Local File Inclusion.This issue affects custom-field-list-widget: from n/a through = 1.5.1...
CVE-2024-2666
The Premium Addons for Elementor plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the plugin's Bullet List Widget in all versions up to, and including, 4.10.24 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
EUVD-2023-51771
Malicious code in bioql PyPI...
EUVD-2023-51627
Malicious code in bioql PyPI...
EUVD-2025-8182
Malicious code in bioql PyPI...
EUVD-2025-26968
Malicious code in bioql PyPI...
EUVD-2025-2794
Malicious code in bioql PyPI...
CVE-2025-8722
The Content Views plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Grid and List widgets in all versions up to, and including, 4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2025-8722
The Content Views plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Grid and List widgets in all versions up to, and including, 4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2025-8722 Content Views <= 4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Grid and List Widgets
The Content Views plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Grid and List widgets in all versions up to, and including, 4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2025-8722
CVE-2025-8722 (Content Views plugin for WordPress) : Stored Cross-Site Scripting via the plugin’s Grid and List Widgets in versions ≤ 4.1 due to insufficient input sanitization and output escaping on user attributes. Exploitation requires authenticated access at contributor level or higher, enabl...
PT-2025-36360
Name of the Vulnerable Software and Affected Versions: Content Views plugin for WordPress versions prior to 4.2 Description: The Content Views plugin for WordPress is susceptible to Stored Cross-Site Scripting via the plugin's Grid and List widgets. This is due to insufficient input sanitization...
CVE-2025-58810
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jimmywb Simple Link List Widget simple-link-list-widget allows Stored XSS.This issue affects Simple Link List Widget: from n/a through = 0.3.2...
CVE-2025-58810
CVE-2025-58810 relates to the WordPress plugin Simple Link List Widget (versions