CVE-2025-15283

The Name Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'namedirectoryname' and 'namedirectorydescription' parameters in all versions up to, and including, 1.30.3 due to insufficient input sanitization and output escaping. This makes it possible for...

WordPress Name Directory plugin <= 1.30.3 - Unauthenticated Stored Cross-Site Scripting via Multiple Parameters vulnerability

Unauthenticated Stored Cross-Site Scripting via Multiple Parameters vulnerability discovered by zer0gh0st in WordPress Plugin Name Directory versions = 1.30.3...

CVE-2025-15283

The Name Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'namedirectoryname' and 'namedirectorydescription' parameters in all versions up to, and including, 1.30.3 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2025-15283 Name Directory <= 1.30.3 - Unauthenticated Stored Cross-Site Scripting via Multiple Parameters

The Name Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'namedirectoryname' and 'namedirectorydescription' parameters in all versions up to, and including, 1.30.3 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2025-15283

CVE-2025-15283 refers to the WordPress plugin Name Directory (versions up to 1.30.3) with a stored cross-site scripting (XSS) flaw in the name_directory_name and name_directory_description parameters. Public sources (Wordfence Intelligence) document unauthenticated exploitation and a high-severit...

WordPress plugin Name Directory 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

PT-2026-2823

Name of the Vulnerable Software and Affected Versions Name Directory plugin for WordPress versions through 1.30.3 Description The Name Directory plugin for WordPress is susceptible to Stored Cross-Site Scripting. This is due to insufficient input sanitization and output escaping in the name...

AZL-54425 CVE-2024-45338 affecting package kubernetes for versions less than 1.30.3-2

An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service...

PT-2024-28737 · Unknown · Vaultwarden

Name of the Vulnerable Software and Affected Versions: Vaultwarden formerly Bitwarden RS version 1.30.3 Description: An issue was discovered in Vaultwarden, which lacks an offboarding process for members who leave an organization. As a result, the shared organization key is not rotated when a...

Vaultwarden 安全漏洞

Vaultwarden is an alternative implementation of the Bitwarden server API written in Rust by Daniel García Personal Developer. A security vulnerability exists in Vaultwarden version 1.30.3, which originated from allowing an attacker with emergency access privileges to elevate their privileges by...

Vaultwarden 安全漏洞

Vaultwarden is an alternative implementation of the Bitwarden server API written in Rust by Daniel García Personal Developer. A security vulnerability exists in Vaultwarden version 1.30.3, which stems from a failure to adequately protect certain encrypted data stored on the server, and allows...

WordPress MPL-Publisher – Self-publish your book & ebook plugin <= 1.30.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress MPL-Publisher – Self-publish your book & ebook plugin versions = 1.30.2. Solution Update the WordPress MPL-Publisher – Self-publish your book & ebook plugin to the latest available versi...