EUVD-2025-12322

Malicious code in bioql PyPI...

CVE-2025-46226

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ferranfg MPL-Publisher mpl-publisher allows Stored XSS.This issue affects MPL-Publisher: from n/a through = 2.18.0...

WordPress MPL-Publisher plugin <= 2.18.0 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin MPL-Publisher versions = 2.18.0...

CVE-2025-46226

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ferranfg MPL-Publisher allows Stored XSS. This issue affects MPL-Publisher: from n/a through 2.18.0...

CVE-2025-46226

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ferranfg MPL-Publisher mpl-publisher allows Stored XSS.This issue affects MPL-Publisher: from n/a through = 2.18.0...

CVE-2025-46226

CVE-2025-46226: Stored XSS in MPL-Publisher

CVE-2025-46226 WordPress MPL-Publisher plugin <= 2.18.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ferranfg MPL-Publisher mpl-publisher allows Stored XSS.This issue affects MPL-Publisher: from n/a through = 2.18.0...

CVE-2025-46226 WordPress MPL-Publisher <= 2.18.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ferranfg MPL-Publisher allows Stored XSS. This issue affects MPL-Publisher: from n/a through 2.18.0...

PT-2025-17493 · Ferranfg · Mpl-Publisher

Name of the Vulnerable Software and Affected Versions: ferranfg MPL-Publisher versions n/a through 2.18.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can...

WordPress plugin MPL-Publisher 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...

CVE-2021-39343

The MPL-Publisher WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the /libs/PublisherController.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in...

Cross site scripting

The MPL-Publisher WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the /libs/PublisherController.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in...

CVE-2021-39343 MPL-Publisher – Self-publish your book & ebook <= 1.30.2 Authenticated Stored Cross-Site Scripting

The MPL-Publisher WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the /libs/PublisherController.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in...

CVE-2021-39343 MPL-Publisher – Self-publish your book & ebook <= 1.30.2 Authenticated Stored Cross-Site Scripting

The MPL-Publisher WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the /libs/PublisherController.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in...

CVE-2021-39343

CVE-2021-39343 – MPL-Publisher WordPress plugin is affected up to version 1.30.2. The flaw is a Stored Cross-Site Scripting (XSS) caused by insufficient input validation/sanitization in multiple parameters handled by ~/libs/PublisherController.php. An attacker with administrative privileges can i...

WordPress 跨站脚本漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. The WordPress Plugin suffers from a cross-site scripting vulnerability that stems from the...

WordPress MPL-Publisher – Self-publish your book & ebook plugin <= 1.30.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress MPL-Publisher – Self-publish your book & ebook plugin versions = 1.30.2. Solution Update the WordPress MPL-Publisher – Self-publish your book & ebook plugin to the latest available versi...

MPL-Publisher - Self-publish your book & ebook < 1.30.4 - Admin+ Stored Cross-Site Scripting

The plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the /libs/PublisherController.php file which allowed attackers with administrative user access to inject arbitrary web scripts. This affects multi-site...