85 matches found
EUVD-2023-39777
Malicious code in bioql PyPI...
EUVD-2024-31404
Malicious code in bioql PyPI...
EUVD-2024-52523
Malicious code in bioql PyPI...
EUVD-2025-17172
Malicious code in bioql PyPI...
CVE-2025-6757
The Recent Posts Widget Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'rpwe' shortcode in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-6757
The Recent Posts Widget Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'rpwe' shortcode in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-6757 Recent Posts Widget Extended <= 2.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via rpwe Shortcode
The Recent Posts Widget Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'rpwe' shortcode in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-6757
CVE-2025-6757 – Recent Posts Widget Extended (WordPress) The vulnerability is in the Recent Posts Widget Extended plugin for WordPress, affecting versions up to and including 2.0.2. It is a Stored Cross-Site Scripting (XSS) flaw in the plugin’s rpwe shortcode caused by insufficient input sanitiza...
CVE-2025-6757 Recent Posts Widget Extended <= 2.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via rpwe Shortcode
The Recent Posts Widget Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'rpwe' shortcode in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
PT-2025-36364
Name of the Vulnerable Software and Affected Versions: Recent Posts Widget Extended plugin for WordPress versions up to and including 2.0.2 Description: The Recent Posts Widget Extended plugin for WordPress is susceptible to Stored Cross-Site Scripting through the plugin’s rpwe shortcode...
WordPress plugin Recent Posts Widget Extended Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress ACF Recent Posts Widget plugin <= 5.9.3 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by muhammad yudha in WordPress Plugin ACF Recent Posts Widget versions = 5.9.3...
CVE-2025-28966
Cross-Site Request Forgery CSRF vulnerability in dilemma123 Recent Posts Slider Responsive recent-posts-slider-responsive allows Stored XSS.This issue affects Recent Posts Slider Responsive: from n/a through = 1.0.1...
CVE-2025-28966
Cross-Site Request Forgery CSRF vulnerability in dilemma123 Recent Posts Slider Responsive recent-posts-slider-responsive allows Stored XSS.This issue affects Recent Posts Slider Responsive: from n/a through = 1.0.1...
CVE-2025-28966 WordPress Recent Posts Slider Responsive plugin <= 1.0.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in dilemma123 Recent Posts Slider Responsive recent-posts-slider-responsive allows Stored XSS.This issue affects Recent Posts Slider Responsive: from n/a through = 1.0.1...
CVE-2025-28966
CVE-2025-28966 affects the WordPress plugin Recent Posts Slider Responsive. The issue is a Cross-Site Request Forgery (CSRF) that enables Stored XSS, affecting versions from n/a up to 1.0.1. CVSS 3.1 base score 7.1 (HIGH) with network attack vector, no privileges required, user interaction requir...
CVE-2025-28966 WordPress Recent Posts Slider Responsive plugin <= 1.0.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in dilemma123 Recent Posts Slider Responsive recent-posts-slider-responsive allows Stored XSS.This issue affects Recent Posts Slider Responsive: from n/a through = 1.0.1...
WordPress plugin Recent Posts Slider Responsive Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
CVE-2024-33692
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Satrya Smart Recent Posts Widget allows Stored XSS.This issue affects Smart Recent Posts Widget: from n/a through 1.0.3...
CVE-2024-33643
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kailey Lampert Advanced Most Recent Posts Mod allows Stored XSS.This issue affects Advanced Most Recent Posts Mod: from n/a through 1.6.5.2...