CVE-2026-8726

The extension fails to properly sanitize user input before using it in a database query. As a result, an unauthenticated attacker can inject arbitrary SQL through a URL parameter on pages using the "Date Menu of news articles" plugin. Exploitation requires the "Date Menu of news articles" plugin ...

FBI’s 2025 Internet Crime Report

The 2025 Internet Crime Report was published a few weeks ago, but I only just saw it. Lots of interesting statistics. Press release. News articles...

CVE-2026-8726

The extension fails to properly sanitize user input before using it in a database query. As a result, an unauthenticated attacker can inject arbitrary SQL through a URL parameter on pages using the "Date Menu of news articles" plugin. Exploitation requires the "Date Menu of news articles" plugin ...

CVE-2026-8726

The extension fails to properly sanitize user input before using it in a database query. As a result, an unauthenticated attacker can inject arbitrary SQL through a URL parameter on pages using the "Date Menu of news articles" plugin. Exploitation requires the "Date Menu of news articles" plugin ...

PHPFusion 安全漏洞

PHPFusion is an open-source, lightweight content management system developed by Malaysia-based PHPFusion Company, based on MySQL and PHP technologies. This system includes modules for news, articles, and forums. Version PHPFusion 9.03.50 contains a security vulnerability; this vulnerability stems...

EUVD-2020-2932

Malware in sbrugna...

EUVD-2012-4448

Malware in sbrugna...

EUVD-2022-7323

Malicious code in bioql PyPI...

EUVD-2024-45692

Malicious code in bioql PyPI...

CVE-2024-51897

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Erik Saulnier News Articles news-articles allows Stored XSS.This issue affects News Articles: from n/a through = 1.0.0...

CVE-2022-44070

Zenario CMS 9.3.57186 is vulnerable to Cross Site Scripting XSS via News articles...

CVE-2024-51897 WordPress News Articles plugin <= 1.0.0 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Erik Saulnier News Articles news-articles allows Stored XSS.This issue affects News Articles: from n/a through = 1.0.0...

CVE-2024-51897 WordPress News Articles plugin <= 1.0.0 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Erik Saulnier News Articles allows Stored XSS.This issue affects News Articles: from n/a through 1.0.0...

CVE-2024-51897

CVE-2024-51897 refers to an stored XSS in the WordPress plugin “News Articles” by Erik Saulnier. The Initial and connected records show this affects News Articles versions up to 1.0.0 and arise from improper input neutralization during web page generation. The available documents do not specify a...

WordPress plugin News Articles 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

WordPress News Articles plugin <= 1.0.0 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin News Articles versions = 1.0.0...

WordPress News Articles Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software News Articles Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51897 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b2e622b9d30c Credits SOPROBRO Required privilege Contributor...

CVE-2023-33780

A stored cross-site scripting XSS vulnerability in TFDi Design smartCARS 3 v0.7.0 and below allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the body of news article...

GHSA-F454-JM6X-56Q6 Cross-site Scripting in Zenario

Zenario CMS 9.3.57186 is vulnerable to Cross Site Scripting XSS via News articles...

Cross-site Scripting in Zenario

Zenario CMS 9.3.57186 is vulnerable to Cross Site Scripting XSS via News articles...