116 matches found
EUVD-2006-0248
Malware in sbrugna...
EUVD-2006-4580
Malware in sbrugna...
EUVD-2007-3872
Malware in sbrugna...
EUVD-2021-29211
Malicious code in bioql PyPI...
EUVD-2025-13824
Malicious code in bioql PyPI...
CVE-2023-3474
A vulnerability has been found in SimplePHPscripts Simple Blog 3.2 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack can be launched...
CVE-2021-42233
The Simple Blog plugin in Wondercms 3.4.1 is vulnerable to stored cross-site scripting XSS vulnerability. When any user opens a particular blog hosted on an attackers' site, XSS may occur...
CVE-2025-47499
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jeff Starr Simple Blog Stats simple-blog-stats allows Stored XSS.This issue affects Simple Blog Stats: from n/a through = 20250416...
CVE-2025-47499
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jeff Starr Simple Blog Stats simple-blog-stats allows Stored XSS.This issue affects Simple Blog Stats: from n/a through = 20250416...
CVE-2025-47499 WordPress Simple Blog Stats plugin <= 20250416 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jeff Starr Simple Blog Stats simple-blog-stats allows Stored XSS.This issue affects Simple Blog Stats: from n/a through = 20250416...
CVE-2025-47499
CVE-2025-47499 refers to WordPress plugin Simple Blog Stats. The vulnerability is a Stored XSS caused by improper neutralization of input during web page generation. Affected versions are listed as up to 20250416. The CVSS v3.1 base score is 6.5 (Medium) with network attack vector, low privileges...
WordPress Simple Blog Stats plugin <= 20250416 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Simple Blog Stats versions = 20250416...
WordPress plugin Simple Blog Stats 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...
CVE-2023-4036 Simple Blog Card < 1.32 - Subscriber+ Arbitrary Post Access
The Simple Blog Card WordPress plugin before 1.32 does not ensure that posts to be displayed via a shortcode are public, allowing any authenticated users, such as subscriber, to retrieve arbitrary post title and their content such as draft, private and password protected ones...
CVE-2023-4035 Simple Blog Card < 1.31 - Contributor+ Stored XSS via Shortcode
The Simple Blog Card WordPress plugin before 1.31 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2023-4035
CVE-2023-4035 affects the Simple Blog Card WordPress plugin prior to 1.31. Public docs indicate insufficient validation/escaping of shortcode attributes, enabling Stored XSS when a user with Contributor+ privileges embeds the shortcode (example provided). Impact is stored XSS in pages/posts where...
CVE-2023-4035 Simple Blog Card < 1.31 - Contributor+ Stored XSS via Shortcode
The Simple Blog Card WordPress plugin before 1.31 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2023-4036
The CVE-2023-4036 issue affects the Simple Blog Card WordPress plugin (versions before 1.32). Affected behavior: the plugin does not ensure that posts shown via its shortcode are public, allowing any authenticated user (e.g., a subscriber) to retrieve post titles and content, including drafts, pr...
WordPress plugin Simple Blog Card 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...
WordPress plugin Simple Blog Card 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...