CVE-2026-42754

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in phbernard Favicon favicon-by-realfavicongenerator allows Reflected XSS.This issue affects Favicon: from n/a through = 1.3.46...

CVE-2026-42754

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in phbernard Favicon favicon-by-realfavicongenerator allows Reflected XSS.This issue affects Favicon: from n/a through = 1.3.46...

CVE-2026-42754 WordPress Favicon plugin <= 1.3.46 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in phbernard Favicon favicon-by-realfavicongenerator allows Reflected XSS.This issue affects Favicon: from n/a through = 1.3.46...

DRUPAL-CONTRIB-2026-019

This module adds the favicons generated by realfavicongenerator.net to your Drupal site. The module does not filter administrator-entered text, leading to a persistent Cross-site scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker must have a role with the...

PT-2026-22090

Name of the Vulnerable Software and Affected Versions Drupal Responsive Favicons versions prior to 2.0.2 Description A flaw exists in the Drupal Responsive Favicons module where administrator-entered text is not properly filtered, leading to a Cross-Site Scripting XSS issue. An attacker must...

EUVD-2015-1126

Malware in sbrugna...

CVE-2015-10116

A vulnerability classified as problematic has been found in RealFaviconGenerator Favicon Plugin up to 1.2.12 on WordPress. This affects the function installnewfavicon of the file admin/class-favicon-by-realfavicongenerator-admin.php. The manipulation leads to cross-site request forgery. It is...

CVE-2024-31422 WordPress Favicon by RealFaviconGenerator plugin <= 1.3.29 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Philippe Bernard Favicon.This issue affects Favicon: from n/a through 1.3.29...

CVE-2024-31422 WordPress Favicon by RealFaviconGenerator plugin <= 1.3.29 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Philippe Bernard Favicon.This issue affects Favicon: from n/a through 1.3.29...

WordPress Plugin Favicon by RealFaviconGenerator 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. WordPress Plugin Favicon by...

CVE-2015-10116

A vulnerability classified as problematic has been found in RealFaviconGenerator Favicon Plugin up to 1.2.12 on WordPress. This affects the function installnewfavicon of the file admin/class-favicon-by-realfavicongenerator-admin.php. The manipulation leads to cross-site request forgery. It is...

Cross site request forgery (csrf)

A vulnerability classified as problematic has been found in RealFaviconGenerator Favicon Plugin up to 1.2.12 on WordPress. This affects the function installnewfavicon of the file admin/class-favicon-by-realfavicongenerator-admin.php. The manipulation leads to cross-site request forgery. It is...

CVE-2015-10116 RealFaviconGenerator Favicon Plugin class-favicon-by-realfavicongenerator-admin.php install_new_favicon cross-site request forgery

A vulnerability classified as problematic has been found in RealFaviconGenerator Favicon Plugin up to 1.2.12 on WordPress. This affects the function installnewfavicon of the file admin/class-favicon-by-realfavicongenerator-admin.php. The manipulation leads to cross-site request forgery. It is...

CVE-2015-10116

RealFaviconGenerator Favicon Plugin for WordPress (up to version 1.2.12) is affected. The vulnerability resides in install_new_favicon (admin/class-favicon-by-realfavicongenerator-admin.php), enabling cross-site request forgery (CSRF). Exploitation can be remotely initiated. A patch is available ...

WordPress plugin favicon-by-realfavicongenerator 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

PT-2023-10294 · Unknown · Realfavicongenerator Favicon Plugin

Name of the Vulnerable Software and Affected Versions: RealFaviconGenerator Favicon Plugin versions up to 1.2.12 Description: A problematic vulnerability has been found in the RealFaviconGenerator Favicon Plugin, affecting the install new favicon function of the file...

WordPress Favicon by RealFaviconGenerator Plugin < 1.3.23 XSS Vulnerability

The WordPress plugin Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

CVE-2022-0471

The Favicon by RealFaviconGenerator WordPress plugin before 1.3.23 does not properly sanitise and escape the jsonresulturl parameter before outputting it back in the Favicon admin dashboard, leading to a Reflected Cross-Site Scripting issue...

CVE-2022-0471

The Favicon by RealFaviconGenerator WordPress plugin before 1.3.23 does not properly sanitise and escape the jsonresulturl parameter before outputting it back in the Favicon admin dashboard, leading to a Reflected Cross-Site Scripting issue...

CVE-2022-0471 Favicon by RealFaviconGenerator < 1.3.23 - Reflected Cross-Site Scripting

The Favicon by RealFaviconGenerator WordPress plugin before 1.3.23 does not properly sanitise and escape the jsonresulturl parameter before outputting it back in the Favicon admin dashboard, leading to a Reflected Cross-Site Scripting issue...