CVE-2025-22735

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Steve Burge WordPress Tag Cloud Plugin – Tag Groups tag-groups allows Reflected XSS.This issue affects WordPress Tag Cloud Plugin – Tag Groups: from n/a through = 2.0.4...

CVE-2022-41990

Cross-Site Request Forgery CSRF vulnerability in Vinoj Cardoza 3D Tag Cloud allows Stored XSS.This issue affects 3D Tag Cloud: from n/a through 3.8...

CVE-2025-22735 WordPress Tag Cloud Plugin - Tag Groups plugin <= 2.0.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TaxoPress WordPress Tag Cloud Plugin – Tag Groups allows Reflected XSS. This issue affects WordPress Tag Cloud Plugin – Tag Groups: from n/a through 2.0.4...

CVE-2025-22735

CVE-2025-22735 is a reflected Cross-Site Scripting (XSS) vulnerability in the TaxoPress WordPress Tag Cloud Plugin – Tag Groups. The issue is described as improper neutralization of input during web page generation and affects Tag Groups versions up to 2.0.4 (on WordPress Tag Cloud Plugin – Tag G...

CVE-2025-22735 WordPress Tag Cloud Plugin - Tag Groups plugin <= 2.0.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Steve Burge WordPress Tag Cloud Plugin – Tag Groups tag-groups allows Reflected XSS.This issue affects WordPress Tag Cloud Plugin – Tag Groups: from n/a through = 2.0.4...

WordPress plugin WordPress Tag Cloud Plugin – Tag Groups 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin WordPress Tag Cloud Plugin...

PT-2025-4659 · WordPress · Taxopress Wordpress Tag Cloud Plugin

Name of the Vulnerable Software and Affected Versions: TaxoPress WordPress Tag Cloud Plugin – Tag Groups versions prior to 2.0.4 Description: The issue is related to improper neutralization of input during web page generation, allowing reflected Cross-site Scripting XSS. This enables attackers to...

WordPress Tag Cloud Plugin - Tag Groups plugin <= 2.0.4 - Reflected Cross Site Scripting (XSS) vulnerability

WordPress Tag Cloud Plugin - Tag Groups plugin = 2.0.4 - Reflected Cross Site Scripting XSS vulnerability discovered by minhtuanact Patchstack Alliance in WordPress Plugin WordPress Tag Cloud Plugin – Tag Groups versions = 2.0.4...

WordPress 2D Tag Cloud plugin <= 6.0.2 - Reflected Cross-Site Scripting via add_query_arg Parameter vulnerability

Reflected Cross-Site Scripting via addqueryarg Parameter vulnerability discovered by Francesco Carlucci in WordPress Plugin 2D Tag Cloud versions = 6.0.2...

WordPress 2D Tag Cloud Plugin <= 6.0.2 is vulnerable to Cross Site Scripting (XSS)

Software 2D Tag Cloud Type Plugin Vulnerable versions = 6.0.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9670 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b507e6e6c829 Credits Francesco Carlucci...

CVE-2024-9670 2D Tag Cloud <= 6.0.2 - Reflected Cross-Site Scripting via add_query_arg Parameter

The 2D Tag Cloud plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 6.0.2. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages th...

CVE-2024-9670

The CVE-2024-9670 entry concerns the WordPress plugin 2D Tag Cloud (vulnerable

WordPress plugin 2D Tag Cloud 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2024-30400 · WordPress · Taxopress Wordpress Tag Cloud Plugin

Name of the Vulnerable Software and Affected Versions: TaxoPress WordPress Tag Cloud Plugin – Tag Groups versions through 2.0.3 Description: The issue is related to the exposure of sensitive information to an unauthorized actor. This affects the TaxoPress WordPress Tag Cloud Plugin, specifically...

WordPress plugin WordPress Tag Cloud Plugin – Tag Groups 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

WordPress Tag Groups plugin <= 2.0.3 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin WordPress Tag Cloud Plugin – Tag Groups versions = 2.0.3...

CVE-2024-5605

The Media Library Assistant plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order’ parameter within the mlatagcloud Shortcode in all versions up to, and including, 3.16 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

CVE-2024-5605

The Media Library Assistant plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order’ parameter within the mlatagcloud Shortcode in all versions up to, and including, 3.16 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

PT-2024-36685 · WordPress · Media Library Assistant

Name of the Vulnerable Software and Affected Versions: Media Library Assistant plugin for WordPress versions up to, and including, 3.16 Description: The issue allows authenticated attackers with contributor-level access and above to perform time-based SQL Injection via the order parameter within...

PT-2024-22385 · WordPress · Wordpress Tag/Category Manager – Ai Autotagger

Name of the Vulnerable Software and Affected Versions: The WordPress Tag and Category Manager – AI Autotagger plugin for WordPress versions up to, and including, 3.13.0 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the plugin...