CVE-2025-13048

CVE-2025-13048 affects the StatCounter – Free Real Time Visitor Stats WordPress plugin. It is a Stored XSS via the Nickname field in versions up to 2.1.0, exploitable by authenticated attackers with Contributor-level access. The Wordfence and related sources in the Connected documents indicate re...

CVE-2025-13048 Official StatCounter Plugin <= 2.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Nickname

The StatCounter – Free Real Time Visitor Stats plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user's Nickname in all versions up to, and including, 2.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

WordPress Official StatCounter Plugin plugin <= 2.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Nickname vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Nickname vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin StatCounter versions = 2.1.0...

RPCMS 跨站脚本漏洞

RPCMS is a software application. A website CMS system. A cross-site scripting vulnerability exists in RPCMS, which stems from the fact that the "Nickname" variable is not properly sanitized before it is displayed on a page in RPCMS v1.8 and below. The vulnerability can be exploited to inject an X...

Bontago Game Server 1.1 - Remote Nickname Buffer Overrun

Bontago Game Server 1.1 - Remote Nickname Buffer Overrun source: https://www.securityfocus.com/bid/12603/info The Bontago game server is reported to be affected by a remote buffer overrun vulnerability. The issue is reported to exist due to a lack of sufficient boundary checks performed on...

Impressions Games Lords of the Realm III - Nickname Remote Denial of Service

// source: https://www.securityfocus.com/bid/11223/info A problem in the handling of nicknames is reported in the Lords of the Realm III server. Because of this, an attacker may be able to deny service to users of the game server. The problem is in the handling of nicknames of excessive length. I...

Medieval Total War 1.01.1 - nickname Denial of Service

Medieval Total War 1.01.1 - nickname Denial of Service source: https://www.securityfocus.com/bid/8787/info It has been reported that Medieval Total War may be prone to a denial of service vulnerability. The issue is caused when an attacker sends a malformed value for nickname consisting of 0...

CVE-2003-0328

EPIC IRC Client EPIC4 pre2.002, pre2.003, and possibly later versions, allows remote malicious IRC servers to cause a denial of service crash and possibly execute arbitrary code via a CTCP request from a large nickname, which causes an incorrect length calculation...