122 matches found
EUVD-2018-15609
Malware in sbrugna...
EUVD-2022-39129
Malicious code in bioql PyPI...
EUVD-2023-32613
Malicious code in bioql PyPI...
EUVD-2024-40130
Malicious code in bioql PyPI...
EUVD-2022-34675
Malicious code in bioql PyPI...
EUVD-2025-8157
Malicious code in bioql PyPI...
EUVD-2025-20242
Malicious code in bioql PyPI...
EUVD-2022-45094
Malicious code in bioql PyPI...
CVE-2025-7035
The Media Library Assistant plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's mlatagcloud and mlatermlist shortcodes in all versions up to, and including, 3.26 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
WordPress plugin Media Library Assistant 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerability...
CVE-2024-9670
The 2D Tag Cloud plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 6.0.2. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages th...
CVE-2023-28995
Cross-Site Request Forgery CSRF vulnerability in Keith Solomon Configurable Tag Cloud CTC plugin = 5.2 versions...
CVE-2022-2412
The Better Tag Cloud WordPress plugin through 0.99.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2021-24682
The Cool Tag Cloud WordPress plugin before 2.26 does not escape the style attribute of the cooltagcloud shortcode, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks...
CVE-2025-28865
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in lionelroux WP Colorful Tag Cloud wp-colorful-tag-cloud allows Reflected XSS.This issue affects WP Colorful Tag Cloud: from n/a through = 2.0.1...
CVE-2025-28865
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in lionelroux WP Colorful Tag Cloud wp-colorful-tag-cloud allows Reflected XSS.This issue affects WP Colorful Tag Cloud: from n/a through = 2.0.1...
CVE-2025-28865
CVE-2025-28865 affects WP Colorful Tag Cloud (WordPress plugin) up to version 2.0.1, with a Reflected XSS due to improper input neutralization during web page generation. CVSSv3.1 base score 7.1 (HIGH). The connected documents confirm the XSS vector but do not provide a confirmed fix version or p...
CVE-2025-28865 WordPress WP Colorful Tag Cloud plugin <= 2.0.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in lionelroux WP Colorful Tag Cloud wp-colorful-tag-cloud allows Reflected XSS.This issue affects WP Colorful Tag Cloud: from n/a through = 2.0.1...
WordPress plugin WP Colorful Tag Cloud 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site scripting...
WordPress WP Colorful Tag Cloud plugin <= 2.0.1 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin WP Colorful Tag Cloud versions = 2.0.1...