CVE-2025-23682

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bhuvnesh Gupta Preloader Quotes preloader-quotes allows Reflected XSS.This issue affects Preloader Quotes: from n/a through = 1.0.0...

CVE-2025-23682 WordPress Preloader Quotes plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bhuvnesh Gupta Preloader Quotes preloader-quotes allows Reflected XSS.This issue affects Preloader Quotes: from n/a through = 1.0.0...

CVE-2025-23682 WordPress Preloader Quotes plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NotFound Preloader Quotes allows Reflected XSS. This issue affects Preloader Quotes: from n/a through 1.0.0...

CVE-2025-23682

CVE-2025-23682 is an XSS vulnerability described as a reflected cross-site scripting issue in the NotFound Preloader Quotes plugin for WordPress, allowing injection during web page generation. Public description indicates the affected plugin is “Preloader Quotes” with versions from n/a up to 1.0....

WordPress plugin Preloader Quotes 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Preloader Quotes plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin Preloader Quotes versions = 1.0.0...

CVE-2024-56022

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WordPress Monsters Preloader by WordPress Monsters preloader-sws allows Reflected XSS.This issue affects Preloader by WordPress Monsters: from n/a through = 1.2.3...

CVE-2024-56022 WordPress Preloader by WordPress Monsters plugin <= 1.2.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WordPress Monsters Preloader by WordPress Monsters allows Reflected XSS.This issue affects Preloader by WordPress Monsters: from n/a through 1.2.3...

CVE-2024-56022

CVE-2024-56022: Reflected Cross-Site Scripting in Preloader by WordPress Monsters (WordPress Monsters Preloader). The vulnerability arises from improper input neutralization during web page generation, enabling reflected XSS. Affected product: Preloader by WordPress Monsters; affected versions: f...

WordPress plugin Preloader by WordPress Monsters 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...

PT-2025-3170 · Wordpress Monsters · Preloader

Name of the Vulnerable Software and Affected Versions: Preloader by WordPress Monsters versions 1.2.3 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. This enables potential...

WordPress Preloader by WordPress Monsters plugin <= 1.2.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Muhamad Agil Fachrian Patchstack Alliance in WordPress Plugin Preloader by WordPress Monsters versions = 1.2.3...

CVE-2018-9371

In the Mediatek Preloader, there are out of bounds reads and writes due to an exposed interface that allows arbitrary peripheral memory mapping with insufficient blacklisting/whitelisting. This could lead to local elevation of privilege, given physical access to the device with no additional...

CVE-2018-9371

In the Mediatek Preloader, there are out of bounds reads and writes due to an exposed interface that allows arbitrary peripheral memory mapping with insufficient blacklisting/whitelisting. This could lead to local elevation of privilege, given physical access to the device with no additional...

CVE-2018-9371

In the Mediatek Preloader, there are out of bounds reads and writes due to an exposed interface that allows arbitrary peripheral memory mapping with insufficient blacklisting/whitelisting. This could lead to local elevation of privilege, given physical access to the device with no additional...

PT-2024-10648 · Mediatek · Mediatek Preloader

Name of the Vulnerable Software and Affected Versions: Mediatek Preloader affected versions not specified Description: The issue is related to out of bounds reads and writes in the Mediatek Preloader due to an exposed interface. This interface allows arbitrary peripheral memory mapping with...

PT-2024-39611 · WordPress · The Exclusive Divi – Divi Preloader

Name of the Vulnerable Software and Affected Versions: The Exclusive Divi – Divi Preloader, Modules for Divi & Extra Theme plugin for WordPress versions up to, and including, 1.4 Description: The issue is related to Stored Cross-Site Scripting via SVG File uploads due to insufficient input...

WordPress Preloader Plus – WordPress Loading Screen Plugin plugin <= 2.2.1 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload vulnerability

Authenticated Author+ Stored Cross-Site Scripting via SVG File Upload vulnerability discovered by wesley wcraft in WordPress Plugin Preloader Plus - Wordpress Loading Screen Plugin versions = 2.2.1...

WordPress Preloader Plus - Wordpress Loading Screen Plugin Plugin <= 2.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Preloader Plus - Wordpress Loading Screen Plugin Type Plugin Vulnerable versions = 2.2.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6849 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 8e46abc24ae4...

CVE-2024-6849

The Preloader Plus – WordPress Loading Screen Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...