4 matches found
EUVD-2025-35678
The Beaver Builder Plugin Starter Version plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘autoplay’ parameter in all versions up to, and including, 2.9.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wi...
Apache Airflow Security Vulnerability
Apache Airflow is an open source platform for creating, managing and monitoring workflows from the Apache USA Foundation. The platform is characterized by scalability and dynamic monitoring. A security vulnerability exists in Apache Airflow versions prior to 2.9.2 that stems from Airflow not...
PT-2024-24676 · Unknown · Hurrytimer
Name of the Vulnerable Software and Affected Versions: HurryTimer versions n/a through 2.9.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can inject...
PT-2023-15896 · Kaltura · Kaltura Mwembed
Name of the Vulnerable Software and Affected Versions: kaltura mwEmbed versions up to 2.91 Description: A problem was found in the Share Plugin component, specifically in the file modules/KalturaSupport/components/share/share.js. The issue allows for cross site scripting through the manipulation ...