PT-2026-6019

Name of the Vulnerable Software and Affected Versions Extended Random Number Generator versions prior to 1.2 Description The Extended Random Number Generator plugin for WordPress is susceptible to Stored Cross-Site Scripting through the plugin settings. Insufficient input sanitization and output...

PT-2025-46279

Name of the Vulnerable Software and Affected Versions YSlider versions prior to 1.2 Description The YSlider plugin for WordPress is susceptible to Cross-Site Request Forgery leading to Stored Cross-Site Scripting. This is a result of absent nonce verification on the content configuration page and...

PT-2024-37750 · WordPress · Ninjateam Header Footer Custom Code

Name of the Vulnerable Software and Affected Versions: NinjaTeam Header Footer Custom Code WordPress plugin versions prior to 1.2 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This is possible because some settings are not...

PT-2022-13769 · Unknown · Ebics-Java/Ebics-Java-Client

Name of the Vulnerable Software and Affected Versions: ebics-java/ebics-java-client versions prior to 1.2 Description: A vulnerability in the encryption implementation of EBICS messages in the open source library ebics-java/ebics-java-client allows an attacker sniffing network traffic to decrypt...

PT-2011-4737 · WordPress · Web Minimalist 200901 Theme

Name of the Vulnerable Software and Affected Versions: Web Minimalist 200901 theme for WordPress version 1.2 and earlier Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via the PATH INFO to "index.php". Recommendations: For Web Minimali...