firefox: thunderbird: Privilege escalation in the DOM: Notifications component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the DOM: Notifications component...

firefox: thunderbird: Privilege escalation in the DOM: Notifications component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the DOM: Notifications component...

firefox: thunderbird: Privilege escalation in the DOM: Notifications component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the DOM: Notifications component...

WordPress plugin Geo Controller 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

PT-2026-1279

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in KlbTheme Machic Core allows DOM-Based XSS.This issue affects Machic Core: from n/a through 1.2.6...

PT-2026-21708

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 148 Firefox ESR versions prior to 115.33 Firefox ESR versions prior to 140.8 Thunderbird versions prior to 148 Thunderbird versions prior to 140.8 Description A mitigation bypass exists in the DOM: HTML Parser...

PT-2026-21703

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 148 Firefox ESR versions prior to 115.33 Firefox ESR versions prior to 140.8 Thunderbird versions prior to 148 Thunderbird versions prior to 140.8 Description A use-after-free issue exists in the DOM: Bindings WebIDL...

PT-2026-21720

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 148 Firefox ESR versions prior to 115.33 Firefox ESR versions prior to 140.8 Thunderbird versions prior to 148 Thunderbird versions prior to 140.8 Description A use-after-free issue exists in the DOM, specifically...

CVE-2025-62119

CVE-2025-62119 corresponds to the WordPress plugin Add Featured Image Custom Link. According to the connected Wordfence report, it is an Authenticated (Author+) Stored DOM-based XSS vulnerability affecting Add Featured Image Custom Link versions ≤ 2.0.0. The report lists the CVE with the issue ty...

CVE-2025-62756

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in lvaudore The Moneytizer the-moneytizer allows DOM-Based XSS.This issue affects The Moneytizer: from n/a through = 10.0.9...

CVE-2025-62748 WordPress Web and WooCommerce Addons for WPBakery Builder plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Genetech Products Web and WooCommerce Addons for WPBakery Builder vc-addons-by-bit14 allows DOM-Based XSS.This issue affects Web and WooCommerce Addons for WPBakery Builder: from n/a through = 1.5...

CVE-2025-69033

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in A WP Life Blog Filter blog-filter allows DOM-Based XSS.This issue affects Blog Filter: from n/a through = 1.7.3...

CVE-2025-62758

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Funnelforms Funnelforms Free funnelforms-free allows DOM-Based XSS.This issue affects Funnelforms Free: from n/a through = 3.8...

PT-2025-54311

Name of the Vulnerable Software and Affected Versions WebMan Amplifier versions through 1.5.12 Description A flaw exists in WebMan Amplifier that allows for DOM-Based Cross-site Scripting XSS. This issue occurs due to improper neutralization of input during web page generation. The vulnerability...

PT-2025-54308

Name of the Vulnerable Software and Affected Versions Bainternet User Specific Content versions through 1.0.6 Description The software contains a flaw related to improper input handling during web page generation, leading to a DOM-Based Cross-Site Scripting XSS condition. This allows for the...

PT-2025-54307

Name of the Vulnerable Software and Affected Versions Genetech Products Web and WooCommerce Addons for WPBakery Builder versions through 1.5 Description The software contains a flaw related to improper input handling during web page creation, leading to a DOM-Based Cross-site Scripting issue. Thi...

WordPress plugin Funnelforms Free 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2025-64190 WordPress XStore Core plugin < 5.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 8theme XStore Core et-core-plugin allows DOM-Based XSS.This issue affects XStore Core: from n/a through 5.6...

EUVD-2025-205757

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in designthemes DesignThemes Core designthemes-core allows DOM-Based XSS.This issue affects DesignThemes Core: from n/a through = 1.6...

CVE-2025-69088 WordPress Combo Offers WooCommerce plugin <= 4.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Vidish Combo Offers WooCommerce woo-combo-offers allows DOM-Based XSS.This issue affects Combo Offers WooCommerce: from n/a through = 4.2...