587 matches found
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the ScrollRestoration API when using the getKey or storageKey props during server-side rendering in Framework Mode. An attacker can execute arbitrary JavaScript code by supplying untrusted content to generat...
React Router SSR XSS in ScrollRestoration
A XSS vulnerability exists in in React Router's API in Framework Mode when using the getKey/storageKey props during Server-Side Rendering which could allow arbitrary JavaScript execution during SSR if untrusted content is used to generate the keys. !NOTE This does not impact applications if...
CVE-2025-68892
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in [email protected] Scroll rss excerpt scroll-rss-excerpt allows Reflected XSS.This issue affects Scroll rss excerpt: from n/a through = 5.0...
CVE-2025-68892 WordPress Scroll rss excerpt plugin <= 5.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in [email protected] Scroll rss excerpt scroll-rss-excerpt allows Reflected XSS.This issue affects Scroll rss excerpt: from n/a through = 5.0...
CVE-2025-68892 WordPress Scroll rss excerpt plugin <= 5.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in [email protected] Scroll rss excerpt scroll-rss-excerpt allows Reflected XSS.This issue affects Scroll rss excerpt: from n/a through = 5.0...
CVE-2025-68892
CVE-2025-68892 — Reflected XSS in the WordPress plugin Scroll rss excerpt (vulnerable through version
WordPress plugin Scroll rss excerpt 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
PT-2026-2120
Name of the Vulnerable Software and Affected Versions @remix-run/react versions prior to 2.17.3 react-router versions 7.0.0 through 7.11.0 Description React Router, a router for React, contains a cross-site scripting XSS issue within the API when operating in Framework Mode during Server-Side...
PT-2026-1930
Name of the Vulnerable Software and Affected Versions Scroll rss excerpt versions n/a through 5.0 Description The software contains an Improper Neutralization of Input During Web Page Generation issue, specifically a Reflected Cross-Site Scripting XSS condition. This allows for the injection of...
WordPress Scroll rss excerpt plugin <= 5.0 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Scroll rss excerpt versions = 5.0...
CVE-2025-60072
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Processby Anchor smooth scroll anchor-smooth-scroll allows PHP Local File Inclusion.This issue affects Anchor smooth scroll: from n/a through = 1.0.2...
EUVD-2025-204113
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Processby Anchor smooth scroll anchor-smooth-scroll allows PHP Local File Inclusion.This issue affects Anchor smooth scroll: from n/a through = 1.0.2...
CVE-2025-60072
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Processby Anchor smooth scroll anchor-smooth-scroll allows PHP Local File Inclusion.This issue affects Anchor smooth scroll: from n/a through = 1.0.2...
CVE-2025-60072 WordPress Anchor smooth scroll plugin <= 1.0.2 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Processby Anchor smooth scroll anchor-smooth-scroll allows PHP Local File Inclusion.This issue affects Anchor smooth scroll: from n/a through = 1.0.2...
CVE-2025-60072 WordPress Anchor smooth scroll plugin <= 1.0.2 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Processby Anchor smooth scroll anchor-smooth-scroll allows PHP Local File Inclusion.This issue affects Anchor smooth scroll: from n/a through = 1.0.2...
CVE-2025-60072
CVE-2025-60072 affects the WordPress plugin Anchor smooth scroll, versions
WordPress plugin Anchor smooth scroll 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A security...
PT-2025-52133
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Processby Anchor smooth scroll anchor-smooth-scroll allows PHP Local File Inclusion.This issue affects Anchor smooth scroll: from n/a through = 1.0.2...
Malicious code in @oku-ui/scroll-area (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector feec27c9dd0a9e2e311e7acfd63e100ca5a09fe90c7e8aeb9237e7722ea49a77 The package @oku-ui/scroll-area was found to contain malicious code. Source: google-open-source-security...
EUVD-2025-199467
Malicious code in @oku-ui/scroll-area npm...