12 matches found
EUVD-2025-28175
Malicious code in bioql PyPI...
CVE-2025-48256
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Xylus Themes Import Social Events import-facebook-events allows Stored XSS.This issue affects Import Social Events: from n/a through = 1.8.5...
CVE-2025-48256
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Xylus Themes Import Social Events allows Stored XSS. This issue affects Import Social Events: from n/a through 1.8.5...
CVE-2025-48256
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Xylus Themes Import Social Events import-facebook-events allows Stored XSS.This issue affects Import Social Events: from n/a through = 1.8.5...
CVE-2025-48256
CVE-2025-48256 covers a Stored XSS in the WordPress plugin Import Social Events (versions ≤ 1.8.5) by Xylus Themes. The issue stems from improper input neutralization during web page generation, enabling an attacker-supplied payload to be stored and later executed in a victim’s browser. The vulne...
CVE-2025-48256 WordPress Import Social Events <= 1.8.5 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Xylus Themes Import Social Events allows Stored XSS. This issue affects Import Social Events: from n/a through 1.8.5...
CVE-2025-48256 WordPress Import Social Events plugin <= 1.8.5 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Xylus Themes Import Social Events import-facebook-events allows Stored XSS.This issue affects Import Social Events: from n/a through = 1.8.5...
WordPress plugin Import Social Events 跨站脚本漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2025-47531
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Xylus Themes XT Event Widget for Social Events xt-facebook-events allows PHP Local File Inclusion.This issue affects XT Event Widget for Social Events: from n/a through = 1.1.7...
CVE-2025-47531
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Xylus Themes XT Event Widget for Social Events allows PHP Local File Inclusion. This issue affects XT Event Widget for Social Events: from n/a through 1.1.7...
WordPress plugin XT Event Widget for Social Events 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
Second Interdisciplinary Workshop on Reimagining Democracy
Last month, I convened the Second Interdisciplinary Workshop on Reimagining Democracy IWORD 2023 at the Harvard Kennedy School Ash Center. As with IWORD 2022, the goal was to bring together a diverse set of thinkers and practitioners to talk about how democracy might be reimagined for the...