377 matches found
CVE-2025-69235
Whale browser before 4.35.351.12 allows an attacker to bypass the Same-Origin Policy in a sidebar environment...
CVE-2025-69235
The CVE-2025-69235 entries describe a vulnerability in Whale browser versions prior to 4.35.351.12 where an attacker can bypass the Same-Origin Policy in a sidebar environment. Affected product: Whale browser (desktop). Vulnerable component/area: the sidebar environment handling that enables cros...
CVE-2025-69234
Whale browser before 4.35.351.12 allows an attacker to escape the iframe sandbox in a sidebar environment...
CVE-2025-69234
Affected software: Whale browser (pre-4.35.351.12). Vulnerability: iframe sandbox escape in a sidebar environment. Root cause / impact: An attacker could escape the iframe sandbox, potentially bypassing security restrictions associated with the sandboxed context. The CVE entry and connected advis...
Naver Whale Browser security vulnerability
Naver Whale Browser is a web browser from Naver, a South Korean company that supports user-defined interfaces. A security vulnerability exists in Naver Whale Browser versions prior to 4.35.351.12, which stems from a same-origin policy bypass in the sidebar environment...
PT-2025-53835
Name of the Vulnerable Software and Affected Versions: Whale browser versions prior to 4.35.351.12. Description: A flaw exists in Whale browser that allows an attacker to circumvent the Same-Origin Policy within a sidebar environment. This bypass could potentially allow unauthorized access to data o...
PT-2025-53834
Name of the Vulnerable Software and Affected Versions: Whale browser versions prior to 4.35.351.12. Description: The Whale browser is susceptible to an iframe sandbox escape in a sidebar environment. An attacker can leverage this to bypass security restrictions imposed by the iframe sandbox...
CVE-2025-13625
The WP-SOS-Donate Donation Sidebar Plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $_SERVER['PHP_SELF'] parameter in all versions up to, and including, 0.9.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers t...
CVE-2025-13625
CVE-2025-13625 pertains to the WP-SOS-Donate Donation Sidebar Plugin for WordPress. Wordfence details a Reflected Cross-Site Scripting flaw that affects all versions up to and including 0.9.2, caused by insufficient input sanitization and output escaping of the $_SERVER['PHP_SELF'] parameter. The...
CVE-2025-13625 WP-SOS-Donate Donation Sidebar Plugin <= 0.9.2 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF']
The WP-SOS-Donate Donation Sidebar Plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $_SERVER['PHP_SELF'] parameter in all versions up to, and including, 0.9.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers t...
WordPress plugin WP-SOS-Donate Donation Sidebar cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A cross-site scripting...
VulnCheck KEV: CVE-2022-4982
DBLTek GoIP-1 firmware versions up to and including GHSFVT-1.1-67-5 contain a local file inclusion vulnerability. The device's web server exposes handlers frame.html and frame.A100.html that accept a path parameter content or sidebar which is not properly validated or canonicalized. An attacker c...
CVE-2025-60073
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Processby Responsive Sidebar responsive-sidebar allows PHP Local File Inclusion. This issue affects Responsive Sidebar: from n/a through <= 1.2.2...
EUVD-2025-38130
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Processby Responsive Sidebar responsive-sidebar allows PHP Local File Inclusion. This issue affects Responsive Sidebar: from n/a through <= 1.2.2...
CVE-2025-60073
CVE-2025-60073 concerns the WordPress plugin Responsive Sidebar (versions
CVE-2025-60073 WordPress Responsive Sidebar plugin <= 1.2.2 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Processby Responsive Sidebar responsive-sidebar allows PHP Local File Inclusion. This issue affects Responsive Sidebar: from n/a through <= 1.2.2...