EUVD-2025-10637

Malicious code in bioql PyPI...

CVE-2025-22774

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CRUDLab CRUDLab Scroll to Top crudlab-scroll-to-top allows Reflected XSS.This issue affects CRUDLab Scroll to Top: from n/a through = 1.0.1...

CVE-2025-22774 WordPress CRUDLab Scroll to Top Plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CRUDLab CRUDLab Scroll to Top crudlab-scroll-to-top allows Reflected XSS.This issue affects CRUDLab Scroll to Top: from n/a through = 1.0.1...

CVE-2025-22774

CVE-2025-22774 is a reflected XSS in the WordPress plugin CRUDLab Scroll to Top (versions up to 1.0.1). Technical details: affected software is CRUDLab Scroll to Top; vulnerability class is Cross-Site Scripting (Reflected). CVSS3.1 base score is 7.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L). Root cau...

CVE-2025-22774 WordPress CRUDLab Scroll to Top Plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CRUDLab CRUDLab Scroll to Top crudlab-scroll-to-top allows Reflected XSS.This issue affects CRUDLab Scroll to Top: from n/a through = 1.0.1...

PT-2025-16973 · Unknown · Crudlab Scroll To Top

Name of the Vulnerable Software and Affected Versions: CRUDLab Scroll to Top versions 1.0.1 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Reflected XSS in CRUDLab Scroll to Top...

WordPress plugin CRUDLab Scroll to Top 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists i...

CVE-2025-31399

Cross-Site Request Forgery CSRF vulnerability in Chandan Garg CG Scroll To Top cg-scroll-to-top allows Stored XSS.This issue affects CG Scroll To Top: from n/a through = 3.5...

WordPress CG Scroll To Top plugin <= 3.5 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by johska in WordPress Plugin CG Scroll To Top versions = 3.5...

CVE-2025-31399

Cross-Site Request Forgery CSRF vulnerability in Chandan Garg CG Scroll To Top cg-scroll-to-top allows Stored XSS.This issue affects CG Scroll To Top: from n/a through = 3.5...

CVE-2025-31399

Technical details about CVE-2025-31399 (CG Scroll To Top) are not provided in the connected documents. Public details appear reserved/no details in the supplied sources. Monitor for updates and potential public disclosures as more information becomes available.

WordPress plugin CG Scroll To Top 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

PT-2025-15750 · Chandan Garg · Cg Scroll To Top

Name of the Vulnerable Software and Affected Versions: Chandan Garg CG Scroll To Top versions n/a through 3.5 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web...

CVE-2022-2710

The Scroll To Top WordPress plugin before 1.4.1 does not escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2022-2710

The Scroll To Top WordPress plugin before 1.4.1 does not escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2022-2710

The Scroll To Top WordPress plugin before 1.4.1 does not escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

Cross site scripting

The Scroll To Top WordPress plugin before 1.4.1 does not escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2022-2710 Scroll To Top < 1.4.1 - Admin+ Stored Cross-Site Scripting

The Scroll To Top WordPress plugin before 1.4.1 does not escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2022-2710

The CVE-2022-2710 entry concerns the WordPress Scroll To Top plugin (versions prior to 1.4.1). The vulnerability is a Stored Cross-Site Scripting (XSS) flaw caused by insufficient escaping of certain plugin settings, which could let high-privilege users (e.g., admins) execute scripts even when un...

PT-2022-18220 · WordPress · Cg Scroll To Top

Name of the Vulnerable Software and Affected Versions: Scroll To Top WordPress plugin versions prior to 1.4.1 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, for example, in...