1035 matches found
EUVD-2025-205735
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Inboxify Inboxify Sign Up Form inboxify-sign-up-form allows Stored XSS.This issue affects Inboxify Sign Up Form: from n/a through = 1.0.4...
CVE-2025-68568
Missing Authorization vulnerability in Claspo Popup Builders Claspo – Popups, Spin the Wheel & Email Capture claspo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Claspo – Popups, Spin the Wheel & Email Capture: from n/a through = 1.0.7...
EUVD-2025-205267
Missing Authorization vulnerability in integrationclaspo Popup Builder: Exit-Intent pop-up, Spin the Wheel, Newsletter signup, Email Capture & Lead Generation forms maker claspo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup Builder: Exit-Intent...
CVE-2025-68568
Missing Authorization vulnerability in Claspo Popup Builders Claspo – Popups, Spin the Wheel & Email Capture claspo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Claspo – Popups, Spin the Wheel & Email Capture: from n/a through = 1.0.7...
CVE-2025-68568 WordPress Claspo – Popups, Spin the Wheel & Email Capture plugin <= 1.0.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in Claspo Popup Builders Claspo – Popups, Spin the Wheel & Email Capture claspo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Claspo – Popups, Spin the Wheel & Email Capture: from n/a through = 1.0.7...
PT-2025-53256
Missing Authorization vulnerability in integrationclaspo Popup Builder: Exit-Intent pop-up, Spin the Wheel, Newsletter signup, Email Capture & Lead Generation forms maker claspo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup Builder: Exit-Intent...
CVE-2025-14959
A weakness has been identified in code-projects Simple Stock System 1.0. This issue affects some unknown processing of the file /market/signup.php. Executing a manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been made available...
PT-2025-52547
Name of the Vulnerable Software and Affected Versions Flex Store Users plugin for WordPress versions prior to 1.1.1 Description The Flex Store Users plugin for WordPress is susceptible to privilege escalation. Unauthenticated attackers can register with the 'administrator' role during registratio...
CVE-2025-14959
A weakness has been identified in code-projects Simple Stock System 1.0. This issue affects some unknown processing of the file /market/signup.php. Executing a manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been made available...
CVE-2025-14959
A weakness has been identified in code-projects Simple Stock System 1.0. This issue affects some unknown processing of the file /market/signup.php. Executing a manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been made available...
CVE-2025-14959
The CVE-2025-14959 entry affects code-projects Simple Stock System 1.0. The vulnerability is in the signup flow, specifically in the handling of the Username argument in /market/signup.php, where manipulation can lead to SQL injection. Attacks are described as remotely executable, with proof-of-c...
CVE-2025-14959 code-projects Simple Stock System signup.php sql injection
A weakness has been identified in code-projects Simple Stock System 1.0. This issue affects some unknown processing of the file /market/signup.php. Executing a manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been made available...
CVE-2025-14959 code-projects Simple Stock System signup.php sql injection
A weakness has been identified in code-projects Simple Stock System 1.0. This issue affects some unknown processing of the file /market/signup.php. Executing a manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been made available...
Code-Projects Simple Stock System 安全漏洞
Code-Projects Simple Stock System is a simple stock system from Code-Projects open source. A security vulnerability exists in Code-Projects Simple Stock System version 1.0, which stems from an incorrect manipulation of the parameter Username in the file /market/signup.php, which could lead to an...
PT-2025-52502
Name of the Vulnerable Software and Affected Versions code-projects Simple Stock System version 1.0 Description A flaw exists in code-projects Simple Stock System 1.0 related to the processing of the /market/signup.php file. Manipulation of the Username argument can result in SQL injection. This...
CVE-2025-13993
The MailerLite – Signup forms official plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'formdescription' and 'successmessage' parameters in versions up to, and including, 1.7.16 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2025-13993 MailerLite – Signup forms (official) <= 1.7.16 - Authenticated (Administrator+) Stored Cross-Site Scripting
The MailerLite – Signup forms official plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'formdescription' and 'successmessage' parameters in versions up to, and including, 1.7.16 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2025-13993
CVE-2025-13993 - MailerLite – Signup forms (official) plugin for WordPress is affected up to version 1.7.16. The vulnerability is a Stored Cross-Site Scripting (Stored XSS) in the parameters form_description and success_message caused by insufficient input sanitization and output escaping. Exploi...
WordPress MailerLite – Signup forms (official) plugin <= 1.7.16 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by NosleeP++ in WordPress Plugin MailerLite versions = 1.7.16...
WordPress plugin MailerLite – Signup forms (official) 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...