CVE-2025-48323

CVE-2025-48323 is a stored XSS vulnerability in the WordPress plugin Advance Food Menu (affected: versions up to 1.0; vulnerability described as improper neutralization of input during web page generation). The issue allows injection of arbitrary web scripts/HTML via user-supplied data. Reported ...

CVE-2025-48323 WordPress Advance Food Menu plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Md Abunaser Khan Advance Food Menu advance-food-menu allows Stored XSS.This issue affects Advance Food Menu: from n/a through = 1.0...

CVE-2025-48323 WordPress Advance Food Menu plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Md Abunaser Khan Advance Food Menu advance-food-menu allows Stored XSS.This issue affects Advance Food Menu: from n/a through = 1.0...

Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Updated to Mozilla Thunderbird 140.2 MFSA 2025-72 bsc1248162: CVE-2025-9179: Sandbox escape due to invalid pointer in the Audio/Video: GMP component CVE-2025-9180: Same-origin policy bypass in the Graphics: Canvas2D component...

SUSE-SU-2025:03007-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Updated to Mozilla Thunderbird 140.2 MFSA 2025-72 bsc1248162: CVE-2025-9179: Sandbox escape due to invalid pointer in the Audio/Video: GMP component CVE-2025-9180: Same-origin policy bypass in the Graphics: Canvas2D component...

WordPress plugin Advance Food Menu 跨站脚本漏洞

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Advance Food Menu has a cross-site scripting vulnerability, the vulnerability stems fro...

PT-2025-35011

Name of the Vulnerable Software and Affected Versions: Md Abunaser Khan Advance Food Menu versions through 1.0 Description: The software contains a Stored Cross-site Scripting XSS issue due to improper neutralization of input during web page generation. This allows malicious actors to inject...

CVE-2025-49035

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in chaimchaikin Admin Menu Groups admin-menu-groups allows Stored XSS.This issue affects Admin Menu Groups: from n/a through = 0.1.2...

CVE-2025-49035

CVE-2025-49035 corresponds to a Stored XSS weakness in the WordPress plugin Admin Menu Groups. Affected: Admin Menu Groups versions up to 0.1.2. Root cause: improper neutralization of user input during web page generation. Impact per the sources is stored XSS that could affect authenticated users...

CVE-2025-49035 WordPress Admin Menu Groups plugin <= 0.1.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in chaimchaikin Admin Menu Groups admin-menu-groups allows Stored XSS.This issue affects Admin Menu Groups: from n/a through = 0.1.2...

CVE-2025-49035 WordPress Admin Menu Groups plugin <= 0.1.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in chaimchaikin Admin Menu Groups allows Stored XSS.This issue affects Admin Menu Groups: from n/a through 0.1.2...

WordPress plugin Admin Menu Groups 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

PT-2025-34824 · Unknown · Chaimchaikin Admin Menu Groups

Name of the Vulnerable Software and Affected Versions: chaimchaikin Admin Menu Groups versions through 0.1.2 Description: The software contains an Improper Neutralization of Input During Web Page Generation issue, which allows for Stored Cross-Site Scripting XSS. Recommendations: Update...

MAL-2025-41854 Malicious code in @espace-client-axafr/document-menu (npm)

The package communicates with a domain associated with malicious activity...

Collaborative Intelligence: Topic Modelling of Large Language Model Use in Live Cybersecurity Operations

Objective: This work describes the topic modelling of Security Operations Centre SOC use of a large language model LLM, during live security operations. The goal is to better understand how these specialists voluntarily use this tool. Background: Human-automation teams have been extensively...

Malicious code in global-copilot-menu (npm)

The package communicates with a domain associated with malicious activity...

MAL-2025-41387 Malicious code in global-copilot-menu (npm)

The package communicates with a domain associated with malicious activity...

WordPress Advance Food Menu plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Vinit Lakra Patchstack Alliance in WordPress Plugin Advance Food Menu versions = 1.0...

CVE-2025-49436

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CocoBasic Anotte anotte-wp allows PHP Local File Inclusion.This issue affects Anotte: from n/a through = 1.8...

CVE-2025-49436

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CocoBasic Anotte anotte-wp allows PHP Local File Inclusion.This issue affects Anotte: from n/a through = 1.8...