29 matches found
CVE-2025-62749
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bainternet User Specific Content user-specific-content allows DOM-Based XSS.This issue affects User Specific Content: from n/a through = 1.0.6...
CVE-2025-62749
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bainternet User Specific Content user-specific-content allows DOM-Based XSS.This issue affects User Specific Content: from n/a through = 1.0.6...
CVE-2025-62749
CVE-2025-62749 is a stored Cross‑Site Scripting (XSS) vulnerability in the WordPress plugin User Specific Content (Bainternet). The issue affects versions from n/a through 1.0.6 and is exploitable in a scenario where an authenticated user (at least a Contributor) with access to the plugin can inj...
EUVD-2025-205925
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bainternet User Specific Content allows DOM-Based XSS.This issue affects User Specific Content: from n/a through 1.0.6...
CVE-2025-62749 WordPress User Specific Content plugin <= 1.0.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bainternet User Specific Content allows DOM-Based XSS.This issue affects User Specific Content: from n/a through 1.0.6...
CVE-2025-62749 WordPress User Specific Content plugin <= 1.0.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bainternet User Specific Content user-specific-content allows DOM-Based XSS.This issue affects User Specific Content: from n/a through = 1.0.6...
WordPress User Specific Content plugin <= 1.0.6 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin User Specific Content versions = 1.0.6...
WordPress plugin User Specific Content 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-54308
Name of the Vulnerable Software and Affected Versions Bainternet User Specific Content versions through 1.0.6 Description The software contains a flaw related to improper input handling during web page generation, leading to a DOM-Based Cross-Site Scripting XSS condition. This allows for the...
CVE-2025-11454
The Specific Content For Mobile – Customize the mobile version without redirections plugin for WordPress is vulnerable to SQL Injection via the eosscfmduplicatepostasdraft function in all versions up to, and including, 0.5.5 due to insufficient escaping on the user supplied parameter and lack of...
CVE-2025-11454
The Specific Content For Mobile – Customize the mobile version without redirections plugin for WordPress is vulnerable to SQL Injection via the eosscfmduplicatepostasdraft function in all versions up to, and including, 0.5.5 due to insufficient escaping on the user supplied parameter and lack of...
CVE-2025-11454 Specific Content For Mobile – Customize the mobile version without redirections <= 0.5.5 - Authenticated (Contributor+) SQL Injection
The Specific Content For Mobile – Customize the mobile version without redirections plugin for WordPress is vulnerable to SQL Injection via the eosscfmduplicatepostasdraft function in all versions up to, and including, 0.5.5 due to insufficient escaping on the user supplied parameter and lack of...
EUVD-2025-124905
The Specific Content For Mobile – Customize the mobile version without redirections plugin for WordPress is vulnerable to SQL Injection via the eosscfmduplicatepostasdraft function in all versions up to, and including, 0.5.5 due to insufficient escaping on the user supplied parameter and lack of...
CVE-2025-11454
CVE-2025-11454 - WordPress plugin vulnerability details (concrete): The Specific Content For Mobile – Customize the mobile version without redirections plugin for WordPress is vulnerable to SQL Injection via eos_scfm_duplicate_post_as_draft() in all versions up to and including 0.5.5. Exploitatio...
WordPress Specific Content For Mobile plugin <= 0.5.5 - Authenticated (Contributor+) SQL Injection vulnerability
Authenticated Contributor+ SQL Injection vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Specific Content For Mobile versions = 0.5.5...
WordPress plugin Specific Content For Mobile – Customize the mobile version without redirections SQL注入漏洞
WordPress and the WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin...
CVE-2025-30874
Missing Authorization vulnerability in Jose Mortellaro Specific Content For Mobile specific-content-for-mobile allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Specific Content For Mobile: from n/a through = 0.5.3...
CVE-2025-30874
Missing Authorization vulnerability in Jose Mortellaro Specific Content For Mobile specific-content-for-mobile allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Specific Content For Mobile: from n/a through = 0.5.3...
CVE-2025-30874
Missing Authorization vulnerability in Jose Mortellaro Specific Content For Mobile specific-content-for-mobile allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Specific Content For Mobile: from n/a through = 0.5.3...
WordPress Specific Content For Mobile plugin <= 0.5.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Peter Thaleikis in WordPress Plugin Specific Content For Mobile versions = 0.5.3...