6 matches found
CVE-2025-52759 WordPress Accordion FAQ plugin <= 2.2.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in UnboundStudio Accordion FAQ allows Reflected XSS. This issue affects Accordion FAQ: from n/a through 2.2.1...
EUVD-2025-36008
Cross-Site Request Forgery CSRF vulnerability in Prakash Awesome Testimonials awesome-testimonials allows Stored XSS.This issue affects Awesome Testimonials: from n/a through = 2.2.1...
EUVD-2025-3192
Malicious code in bioql PyPI...
CVE-2025-48248
CVE-2025-48248 pertains to Sitewide Discount for WooCommerce: Apply Discount to All Products (WordPress plugin). The vulnerability is a Stored XSS due to improper input neutralization during web page generation, affecting versions up to 2.2.1. Public sources in Connected documents confirm the aff...
CVE-2025-39576
CVE-2025-39576 affects WordPress plugin WPAdverts (versions up to 2.2.1). The issue is a Stored XSS caused by improper neutralization of input during web page generation. Exploitation details are not provided in the initial document, but CVSSv3.1 base score is listed as 6.5 (Medium) with network ...
CVE-2025-23802
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SteveSoehl WP-Revive Adserver wp-revive-adserver allows Stored XSS.This issue affects WP-Revive Adserver: from n/a through = 2.2.1...