EUVD-2025-202094

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WalkerWP Walker Core walker-core allows DOM-Based XSS.This issue affects Walker Core: from n/a through = 1.3.17...

CVE-2025-67552 WordPress Walker Core plugin <= 1.3.17 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WalkerWP Walker Core walker-core allows DOM-Based XSS.This issue affects Walker Core: from n/a through = 1.3.17...

CVE-2025-67552 WordPress Walker Core plugin <= 1.3.17 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WalkerWP Walker Core walker-core allows DOM-Based XSS.This issue affects Walker Core: from n/a through = 1.3.17...

PT-2025-49926

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WalkerWP Walker Core walker-core allows DOM-Based XSS.This issue affects Walker Core: from n/a through = 1.3.17...

WordPress Walker Core plugin <= 1.3.17 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis in WordPress Plugin Walker Core versions = 1.3.17...

EUVD-2020-13688

Malware in sbrugna...

EUVD-2017-6296

Malware in sbrugna...

EUVD-2023-27805

Malicious code in bioql PyPI...

CVE-2024-47310

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in arisoft ARI Fancy Lightbox ari-fancy-lightbox allows Stored XSS.This issue affects ARI Fancy Lightbox: from n/a through = 1.3.17...

CVE-2023-23719

Cross-Site Request Forgery CSRF vulnerability in Premmerce plugin = 1.3.17 versions...

WordPress plugin ARI Fancy Lightbox 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress ARI Fancy Lightbox -- Popup for WordPress plugin <= 1.3.17 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Robert DeVore Patchstack Alliance in WordPress Plugin ARI Fancy Lightbox versions = 1.3.17...

WordPress plugin Dynamics 365 Integration 日志信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A log information disclosur...

PT-2024-25965 · Unknown · Alexacrm Dynamics 365 Integration

Name of the Vulnerable Software and Affected Versions: AlexaCRM Dynamics 365 Integration versions 1.3.17 and earlier Description: The issue concerns the insertion of sensitive information into log files, which could potentially expose confidential data. Recommendations: For AlexaCRM Dynamics 365...

WordPress Dynamics 365 Integration Plugin <= 1.3.17 is vulnerable to Sensitive Data Exposure

Software Dynamics 365 Integration Type Plugin Vulnerable versions = 1.3.17 Fixed in 1.3.18 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2024-34550 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 2397ac5f5483 Credi...

WordPress Appointment Hour Booking Plugin < 1.3.17 XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:dwbooster:appointmenthourbooking"; ifdescription...

Roundcube Webmail 跨站脚本漏洞

Roundcube Webmail is an open source browser-based IMAP client that supports address book management, message searching, spell checking, and more. Roundcube Webmail suffers from a cross-site scripting vulnerability that originates from XSS when the program handles file extensions of attachments.Th...

Akaunting 跨站脚本漏洞

Akaunting, an application from Akaunting, Inc. provides all the tools needed to manage funds online.Akaunting version 1.3.17 contains a cross-site scripting vulnerability that stems from a lack of checksum filtering of user-supplied and output data in the company name input field. An attacker cou...

CVE-2017-14806

A Improper Certificate Validation vulnerability in susestudio-common of SUSE Studio onsite allows remote attackers to MITM connections to the repositories, which allows the modification of packages received over these connections. This issue affects: SUSE Studio onsite susestudio-common version...

CVE-2017-14806 Insecure handling of repodata and packages in SUSE Studio onlite

A Improper Certificate Validation vulnerability in susestudio-common of SUSE Studio onsite allows remote attackers to MITM connections to the repositories, which allows the modification of packages received over these connections. This issue affects: SUSE Studio onsite susestudio-common version...