9 matches found
EUVD-2026-18120
A vulnerability was detected in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is an unknown functionality of the file /api/vanna/v2/ of the component Chat API Endpoint. Performing a manipulation results in missing authentication. The attack can be initiated remotely. The exploit is n...
CVE-2025-66141 WordPress Scroller plugin <= 2.0.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in merkulove Scroller scroller allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Scroller: from n/a through = 2.0.2...
CVE-2025-58234
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in JoomSky JS Job Manager js-jobs allows Stored XSS.This issue affects JS Job Manager: from n/a through = 2.0.2...
CVE-2025-30630
CVE-2025-30630 : The Red Hat advisory confirms an Improper Neutralization of Input During Web Page Generation (Stored XSS) in the pozzad Global Translator WordPress plugin, affecting versions up to 2.0.2. The Wordfence page also notes this CVE, describing a Stored XSS in Global Translator, with n...
CVE-2025-46515
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in M A Vinoth Kumar Category Widget category-widget allows Reflected XSS.This issue affects Category Widget: from n/a through = 2.0.2...
CVE-2025-23564
CVE-2025-23564 covers a Reflected XSS in the WordPress WP FixTag plugin (versions up to and including v2.0.2). The issue is described as improper neutralization of input during web page generation, enabling reflected XSS. Affected product: WP FixTag (WordPress plugin). Impact per the CVE metadata...
WordPress ARS Affiliate Page Plugin plugin <= 2.0.2 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by Le Ngoc Anh in WordPress Plugin ARS Affiliate Page Plugin versions = 2.0.2...
CVE-2024-35662
Missing Authorization vulnerability in Andreas Sofantzis Simple COD Fees for WooCommerce.This issue affects Simple COD Fees for WooCommerce: from n/a through 2.0.2...
CVE-2023-48749
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Theme nectar Salient Core allows Stored XSS.This issue affects Salient Core: from n/a through 2.0.2...