WordPress plugin NotFound Smooth Dynamic Slider 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...

WordPress plugin NotFound Attach Gallery Posts 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in WordPress...

WordPress plugin NotFound melascrivi 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on servers running PHP and MySQL. A cross-site scripting vulnerability exists...

WordPress plugin NotFound ntp-header-images 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

CVE-2025-26948

Missing Authorization vulnerability in NotFound Pie Register Premium. This issue affects Pie Register Premium: from n/a through 3.8.3.2...

CVE-2025-26926

Cross-Site Request Forgery CSRF vulnerability in fs-code Booknetic booknetic.This issue affects Booknetic: from n/a through = 4.0.9...

CVE-2025-26776

Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Chaty Pro allows Upload a Web Shell to a Web Server. This issue affects Chaty Pro: from n/a through 3.3.3...

CVE-2025-22639

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Techspawn Distance Rate Shipping for WooCommerce distance-rate-shipping-for-woocommerce-pro allows Blind SQL Injection.This issue affects Distance Rate Shipping for WooCommerce: from n/a through =...

CVE-2025-26778

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jordy Meow Gallery gallery allows Stored XSS.This issue affects Gallery: from n/a through = 2.2.1...

CVE-2025-22680

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NotFound Ad Inserter Pro allows Reflected XSS. This issue affects Ad Inserter Pro: from n/a through 2.7.39...

CVE-2025-22639

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Techspawn Distance Rate Shipping for WooCommerce distance-rate-shipping-for-woocommerce-pro allows Blind SQL Injection.This issue affects Distance Rate Shipping for WooCommerce: from n/a through =...

CVE-2024-56000

Incorrect Privilege Assignment vulnerability in SeventhQueen K Elements k-elements allows Privilege Escalation.This issue affects K Elements: from n/a through 5.4.0...

CVE-2024-56000

CVE-2024-56000 concerns the K Elements plugin for WordPress. Affected software is K Elements prior to 5.4.0. The connected details identify the root cause as an Authentication Bypass vulnerability that could enable Privilege Escalation. The CVE is listed as Patch Status: Patched, indicating a fix...

CVE-2025-26778

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jordy Meow Gallery gallery allows Stored XSS.This issue affects Gallery: from n/a through = 2.2.1...

CVE-2025-26778

CVE-2025-26778 is a stored XSS in the WordPress Gallery Custom Links Plugin (gallery)

PT-2025-7236 · Unknown · Notfound Gallery

Name of the Vulnerable Software and Affected Versions: NotFound Gallery versions n/a through 2.2.1 Description: The issue is related to improper neutralization of input during web page generation, which allows for stored Cross-site Scripting XSS. This means that an attacker can inject malicious...

CVE-2025-23975

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cheesefather Botnet Attack Blocker botnet-attack-blocker allows Stored XSS.This issue affects Botnet Attack Blocker: from n/a through = 2.0.0...

CVE-2025-22289

Missing Authorization vulnerability in NotFound LTL Freight Quotes – Unishippers Edition allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects LTL Freight Quotes – Unishippers Edition: from n/a through 2.5.8...

CVE-2024-44044

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in brandexponents Oshine Modules oshine-modules allows Reflected XSS.This issue affects Oshine Modules: from n/a through 3.3.8...

CVE-2025-22680

CVE-2025-22680 corresponds to a Reflected Cross-Site Scripting (XSS) vulnerability in WordPress plugin Ad Inserter Pro, affecting versions up to and including 2.7.39. The CVE entry notes an improper neutralization of input during web page generation, enabling reflected XSS. The core details in co...