CVE-2023-20695

In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07734012 / ALPS07874363 For MT6880, MT6890, MT6980 and MT69...

CVE-2023-20696

In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07856356 / ALPS07874388 For MT6880 and MT6890 only; Issue I...

CVE-2022-20069

In preloader usb, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID:...

CVE-2022-20056

In preloader usb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID:...

CVE-2022-20055

In preloader usb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID:...

CVE-2022-20060

In preloader usb, there is a possible permission bypass due to a missing proper image authentication. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitatio...

CVE-2022-20074

In preloader partition, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patc...

CVE-2021-24789

The Flat Preloader WordPress plugin before 1.5.5 does not escape some of its settings when outputting them in attribute in the frontend, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...

CVE-2021-24685

The Flat Preloader WordPress plugin before 1.5.4 does not enforce nonce checks when saving its settings, as well as does not sanitise and escape them, which could allow attackers to a make logged in admin change them with a Cross-Site Scripting payload triggered either in the frontend or backend...

CVE-2021-24344

The Easy Preloader WordPress plugin through 1.0.0 does not sanitise its setting fields, leading to authenticated admin+ Stored Cross-Site scripting issues...

CVE-2018-9371

In the Mediatek Preloader, there are out of bounds reads and writes due to an exposed interface that allows arbitrary peripheral memory mapping with insufficient blacklisting/whitelisting. This could lead to local elevation of privilege, given physical access to the device with no additional...

CVE-2025-30530

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Atikul AI Preloader ai-preloader allows Stored XSS.This issue affects AI Preloader: from n/a through = 1.0.2...

CVE-2025-30530

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Atikul AI Preloader ai-preloader allows Stored XSS.This issue affects AI Preloader: from n/a through = 1.0.2...

CVE-2025-30530 WordPress AI Preloader plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Atikul AI Preloader ai-preloader allows Stored XSS.This issue affects AI Preloader: from n/a through = 1.0.2...

CVE-2025-30530

CVE-2025-30530 is a Stored XSS in the AI Preloader WordPress plugin, affecting AI Preloader versions up to 1.0.2. Exploitation requires Administrator privileges; root cause is improper neutralization of input during web page generation. Connected documents confirm affected software and version ra...

CVE-2025-30530 WordPress AI Preloader plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Atikul AI Preloader ai-preloader allows Stored XSS.This issue affects AI Preloader: from n/a through = 1.0.2...

WordPress AI Preloader plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nabil Irawan in WordPress Plugin AI Preloader versions = 1.0.2...

WordPress plugin AI Preloader 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...

CVE-2024-56022

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WordPress Monsters Preloader by WordPress Monsters preloader-sws allows Reflected XSS.This issue affects Preloader by WordPress Monsters: from n/a through = 1.2.3...

CVE-2025-23682

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bhuvnesh Gupta Preloader Quotes preloader-quotes allows Reflected XSS.This issue affects Preloader Quotes: from n/a through = 1.0.0...