323 matches found
WordPress plugin Cazamba 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site reques...
WordPress plugin SpotBot 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
WordPress plugin Razorpay Subscription Button Elementor Plugin 跨站脚本漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exist...
WordPress plugin NotFound Essay Wizard (wpCRES) 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress plugin First Comment Redirect 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists i...
WordPress plugin WP Easy Post Mailer 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripti...
CVE-2022-1682
Reflected Xss using url based payload in GitHub repository neorazorx/facturascripts prior to 2022.07. Xss can use to steal user's cookies which lead to Account takeover or do any malicious activity in victim's browser...
CVE-2024-29923
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PropertyHive allows Reflected XSS.This issue affects PropertyHive: from n/a through 2.0.8...
WordPress plugin StageShow 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin StageShow...
WordPress plugin Quiz Maker Business, Developer, and Agency 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...
ETIC Telecom Remote Access Server 跨站脚本漏洞
ETIC Telecom Remote Access Server is a remote maintenance solution from the French company ETIC Telecom. It is designed to enable manufacturers to remotely maintain automated equipment. A cross-site scripting vulnerability exists in ETIC Telecom Remote Access Server versions prior to 4.5.0, which...
CVE-2025-22599 WeGIA has a Cross-Site Scripting (XSS) Reflected endpoint `home.php` parameter `msg_c`
WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the home.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msgc parameter. This vulnerability is fixed in 3.2.8...
WeGIA 跨站脚本漏洞
WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A cross-site scripting vulnerability exists in WeGIA versions prior to 3.2.8, which stems from the presence of a Reflective Cross-Site Scripting XSS vulnerability that allows an attacker to inject malicio...
Liferay Portal和Liferay DXP 跨站脚本漏洞
Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...
GLPI 跨站脚本漏洞
GLPI is an open source IT and asset management software from an individual developer. The software provides a full-featured IT resource management interface that you can use to build databases to fully manage IT computers, monitors, servers, printers, network devices, phones, and even toner and i...
PHPGurukul Online Marriage Registration System 安全漏洞
PHPGurukul Online Marriage Registration System is a website builder from PHPGurukul that supports online marriage registration. A security vulnerability exists in PHPGurukul Online Marriage Registration System v1.0, which originates from a Reflective Cross-Site Scripting XSS vulnerability in the...
WordPress plugin Maximum Products per User for WooCommerce 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in PHP. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the WordPress plugin Maximum...
WordPress plugin Magazine Blocks 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...
Metronic Admin Dashboard Template 安全漏洞
Metronic Admin Dashboard Template is a responsive website backend administration template from Metronic based on the Bootstrap framework. A security vulnerability exists in Metronic Admin Dashboard Template version v2.0, which stems from the presence of a Reflective Cross-Site Scripting XSS...
CVE-2024-21517
CVE-2024-21517 affects opencart/opencart (version 4.0.0.0 and related builds). The issue is a reflected cross-site scripting (XSS) vulnerability in the redirect parameter of the customer account/login route, enabling an attacker to inject arbitrary HTML/JavaScript into the response. Impact is tar...