1188 matches found
CVE-2025-15665
The Ultimate Before After Image Slider & Gallery WordPress plugin before 4.7.1 does not escape the value of the BEAF Slider widget's shortcode field before outputting it on the front end the value is passed through doshortcode, which echoes non-shortcode content verbatim, allowing users with...
CVE-2025-15665
The Ultimate Before After Image Slider & Gallery WordPress plugin before 4.7.1 does not escape the value of the BEAF Slider widget's shortcode field before outputting it on the front end the value is passed through doshortcode, which echoes non-shortcode content verbatim, allowing users with...
CVE-2026-15097
The Themify Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'heightslider' Slider Module Field in all versions up to, and including, 7.7.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2026-15096
The CVE concerns the Themify Builder WordPress plugin. A Stored Cross-Site Scripting (XSS) flaw exists in the Map Module’s b_width_map field across all versions up to 7.7.6, caused by insufficient input sanitization and output escaping. Authenticated attackers with contributor-level access or hig...
EUVD-2026-42842
The Hostel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wphostel-book' shortcode in all versions up to and including 1.1.7. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes. Specifically, the second shortcode...
CVE-2026-15292
The Sudoku Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'background' parameter in the 'sudoku-sc' shortcode in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2026-15301 BuddyHolis TableSearch <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The BuddyHolis TableSearch plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘placeholder’ parameter in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2026-15296 affiliate-toolkit – WP Affiliate Plugin with Amazon <= 3.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The affiliate-toolkit – WP Affiliate Plugin with Amazon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'atkpproduct' shortcode in all versions up to, and including, 3.7.0 due to insufficient input sanitization and output escaping on user supplied attributes. Th...
EUVD-2026-42739
Cotonti Siena 0.9.26 and earlier contains a stored cross-site scripting vulnerability that allows authenticated users with PFS access to inject arbitrary script payloads by supplying malicious HTML in the ntitle parameter processed through the TXT filter in pfs.main.php. Attackers can create a...
CVE-2026-58144
Cotonti Siena 0.9.26 and earlier contains a stored cross-site scripting vulnerability that allows authenticated users with PFS access to inject arbitrary script payloads by supplying malicious HTML in the ntitle parameter processed through the TXT filter in pfs.main.php. Attackers can create a...
CVE-2026-60120
Bagisto CVE-2026-60120 affects Bagisto before 2.4.4. It is a stored XSS via client-side template injection: an unauthenticated attacker registers a customer with malicious payload in the first or last name, causing the Create Order page to render in administrator browsers and execute arbitrary Ja...
CVE-2025-14785
The CVE-2025-14785 entry covers a Stored Cross-Site Scripting vulnerability in the Website Builder by SeedProd – Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode WordPress plugin up to version 6.20.2. The issue arises from insufficient input sanitization and output escaping...
CVE-2025-14785 Website Builder by SeedProd - Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode <= 6.20.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'seedprodnestedmenuwidget' Shortcode
The Website Builder by SeedProd - Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's seedprodnestedmenuwidget shortcode in all versions up to, and including, 6.20.2 due to insufficient input...
CVE-2026-11766 Ultimate Member < 2.12.0 - Subscriber+ Stored XSS via Custom Textarea Profile Fields
The Ultimate Member WordPress plugin before 2.12.0 does not properly sanitise and escape the value of custom textarea profile fields before outputting it on user profiles, allowing authenticated users with Subscriber-level access and above to store JavaScript that executes when any user, includin...
CVE-2026-9148
The Comments – wpDiscuz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the guest commenter 'Website' field in versions up to, and including, 7.6.56 This is due to insufficient output escaping in the getCommentAuthor function, which interpolates the stored commentauthorurl...
CVE-2026-8892
CVE-2026-8892 affects the CM Business Directory plugin for WordPress (versions up to and including 1.5.7). The vulnerability is a Stored Cross-Site Scripting (XSS) via the Business Address Meta Fields, caused by insufficient input sanitization and output escaping. Authenticated attackers with con...
CVE-2026-9626
The CVE-2026-9626 entry concerns the WordPress JSON API User plugin (
CVE-2026-8489
The CVE-2026-8489 case involves the WordPress plugin Ultimate Member (User Profile, Registration, Login, etc.). Affected: all versions up to 2.11.4. Vulnerability: Stored Cross-Site Scripting via the about_me field in user profiles, caused by insufficient input sanitization and output escaping. I...
CVE-2026-12734
The weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'connectorWidth' Block Attribute in all versions up to, and including, 2.3.0 due to insufficient input sanitization and output escaping. This makes i...
CVE-2026-55661
CVE-2026-55661 affects TinaCMS rich-text rendering (Slate JSON) where the url field on Slate link/image nodes was not sanitized, allowing stored XSS via dangerous URL schemes such as javascript: or data:text/html. Affected versions include tinacms/mdx <2.1.7 and tinacms =2.1.7 and tinacms >...