39 matches found
EUVD-2024-33149
Malicious code in bioql PyPI...
EUVD-2025-4342
Malicious code in bioql PyPI...
EUVD-2025-8393
Malicious code in bioql PyPI...
CVE-2024-10874
The Quotes llama plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'quotes-llama' shortcode in all versions up to, and including, 3.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2022-1566
The Quotes llama WordPress plugin before 1.0.0 does not sanitise and escape Quotes, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed. The attack could also be performed by tricking an admin to import a malicious CS...
CVE-2025-30786
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in oooorgle Quotes llama quotes-llama allows DOM-Based XSS.This issue affects Quotes llama: from n/a through = 3.1.0...
CVE-2025-30786
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in oooorgle Quotes llama quotes-llama allows DOM-Based XSS.This issue affects Quotes llama: from n/a through = 3.1.0...
CVE-2025-30786 WordPress Quotes llama plugin <= 3.1.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in oooorgle Quotes llama quotes-llama allows DOM-Based XSS.This issue affects Quotes llama: from n/a through = 3.1.0...
CVE-2025-30786 WordPress Quotes llama plugin <= 3.1.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in oooorgle Quotes llama quotes-llama allows DOM-Based XSS.This issue affects Quotes llama: from n/a through = 3.1.0...
CVE-2025-30786
CVE-2025-30786 is a DOM-based/Stored Cross-Site Scripting vulnerability in the WordPress plugin Quotes llama (quotes-llama) affecting versions up to and including 3.1.0 . The vulnerability is listed as Authenticated (Contributor+) Stored Cross-Site Scripting , implying exploitation requires valid...
WordPress Quotes llama plugin <= 3.1.0 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Quotes llama versions = 3.1.0...
WordPress plugin Quotes llama 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2025-27307
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in oooorgle Quotes llama quotes-llama allows Reflected XSS.This issue affects Quotes llama: from n/a through = 3.0.1...
CVE-2025-27307
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in oooorgle Quotes llama quotes-llama allows Reflected XSS.This issue affects Quotes llama: from n/a through = 3.0.1...
WordPress Quotes llama plugin <= 3.0.1 - Stored Cross Site Scripting (XSS) vulnerability
Stored Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis in WordPress Plugin Quotes llama versions = 3.0.1...
CVE-2025-27307
CVE-2025-27307 pertains to the WordPress plugin Quotes llama. Multiple sources (e.g., Patchstack) document a Cross-Site Scripting (XSS) vulnerability in Quotes llama versions up to 3.0.1, caused by improper input handling in web page generation. The CVE record also lists the affected software and...
CVE-2025-27307 WordPress Quotes llama plugin <= 3.0.1 - Stored Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in oooorgle Quotes llama quotes-llama allows Reflected XSS.This issue affects Quotes llama: from n/a through = 3.0.1...
CVE-2025-27307 WordPress Quotes llama plugin <= 3.0.1 - Stored Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in oooorgle Quotes llama quotes-llama allows Reflected XSS.This issue affects Quotes llama: from n/a through = 3.0.1...
WordPress plugin Quotes llama 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-7737 · Unknown · Quotes Llama
Name of the Vulnerable Software and Affected Versions: Quotes llama versions n/a through 3.0.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Reflected XSS attacks. Recommendations: For versions...