25 matches found
Hidden Passenger? How Taboola Routes Logged-In Banking Sessions to Temu
A bank approved a Taboola pixel. That pixel quietly redirected logged-in users to a Temu tracking endpoint. This occurred without the bank’s knowledge, without user consent, and without a single security control registering a violation. Read the full technical breakdown in the Security Intelligen...
CVE-2026-32545
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Taboola Taboola Pixel taboola-pixel allows Reflected XSS.This issue affects Taboola Pixel: from n/a through = 1.1.4...
EUVD-2026-15923
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Taboola Taboola Pixel taboola-pixel allows Reflected XSS.This issue affects Taboola Pixel: from n/a through = 1.1.4...
CVE-2026-32545
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Taboola Taboola Pixel taboola-pixel allows Reflected XSS.This issue affects Taboola Pixel: from n/a through = 1.1.4...
CVE-2026-32545 WordPress Taboola Pixel plugin <= 1.1.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Taboola Taboola Pixel taboola-pixel allows Reflected XSS.This issue affects Taboola Pixel: from n/a through = 1.1.4...
CVE-2026-32545 WordPress Taboola Pixel plugin <= 1.1.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Taboola Taboola Pixel taboola-pixel allows Reflected XSS.This issue affects Taboola Pixel: from n/a through = 1.1.4...
CVE-2026-32545
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Taboola Taboola Pixel taboola-pixel allows Reflected XSS.This issue affects Taboola Pixel: from n/a through = 1.1.4...
CVE-2026-32545
CVE-2026-32545 is a reflected XSS in the Taboola Pixel WordPress plugin (taboola-pixel). The issue stems from improper neutralization of input during web page generation, affecting Taboola Pixel versions
WordPress plugin Taboola Pixel 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
PT-2026-28058
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Taboola Taboola Pixel taboola-pixel allows Reflected XSS.This issue affects Taboola Pixel: from n/a through = 1.1.4...
WordPress Taboola Pixel plugin <= 1.1.4 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Ali Osman ERBAS 0110m4n in WordPress Plugin Taboola Pixel versions = 1.1.4...
EUVD-2023-42215
Malicious code in bioql PyPI...
CVE-2023-38398
Cross-Site Request Forgery CSRF vulnerability in Taboola plugin = 2.0.1 versions...
CVE-2023-38398
Cross-Site Request Forgery CSRF vulnerability in Taboola plugin = 2.0.1 versions...
CVE-2023-38398
Cross-Site Request Forgery CSRF vulnerability in Taboola plugin = 2.0.1 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Taboola plugin = 2.0.1 versions...
CVE-2023-38398 WordPress Taboola Plugin <= 2.0.1 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Taboola plugin = 2.0.1 versions...
CVE-2023-38398
CVE-2023-38398 is a CSRF vulnerability in the WordPress Taboola plugin, affecting versions = 2.0.2.
WordPress Plugin Taboola Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
PT-2023-26405 · Taboola · Taboola
Name of the Vulnerable Software and Affected Versions: Taboola plugin versions = 2.0.1 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web application that t...