5 matches found
CVE-2025-68497
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Brainstorm Force Astra Widgets astra-widgets allows Stored XSS.This issue affects Astra Widgets: from n/a through = 1.2.16...
WordPress WP CarDealer plugin <= 1.2.16 - Unauthenticated Privilege Escalation vulnerability
Unauthenticated Privilege Escalation vulnerability discovered by Foxyyy in WordPress Plugin WP CarDealer versions = 1.2.16...
CVE-2025-58860
CVE-2025-58860 — WordPress Enable Latex CSRF leading to Stored XSS Affected software: KaizenCoders Enable Latex WordPress plugin (versions up to and including 1.2.16). What is affected and how: A Cross-Site Request Forgery (CSRF) vulnerability exists in Enable Latex that can lead to Stored Cross-...
CVE-2023-2289
The wordpress vertical image slider plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘searchterm’ parameter in versions up to, and including, 1.2.16 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...
CVE-2023-2289
The wordpress vertical image slider plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘searchterm’ parameter in versions up to, and including, 1.2.16 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...