EUVD-2025-205726

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Shamalli Web Directory Free web-directory-free allows DOM-Based XSS.This issue affects Web Directory Free: from n/a through = 1.7.12...

CVE-2025-69018

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Shamalli Web Directory Free web-directory-free allows DOM-Based XSS.This issue affects Web Directory Free: from n/a through = 1.7.12...

CVE-2025-69018 WordPress Web Directory Free plugin <= 1.7.12 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Shamalli Web Directory Free web-directory-free allows DOM-Based XSS.This issue affects Web Directory Free: from n/a through = 1.7.12...

CVE-2025-69018

CVE-2025-69018 affects Web Directory Free (WordPress) up to version 1.7.12. The Wordfence entry shows an authenticated (Contributor+) stored XSS vulnerability enabling DOM-based XSS during web page generation due to improper input neutralization. Patch status: Patched (fixed in a newer release).

WordPress plugin Web Directory Free 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

EUVD-2023-12869

Malicious code in bioql PyPI...

SUSE-SU-2025:20091-1 Security update for containerd

This update for containerd fixes the following issues: - Update to containerd v1.7.21. Upstream release notes: https://github.com/containerd/containerd/releases/tag/v1.7.21 Fixes CVE-2023-47108. bsc1217070 Fixes CVE-2023-45142. bsc1228553 - Update to containerd v1.7.17. Upstream release notes:...

WordPress Plugin 360 Javascript Viewer 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...

WordPress Drop Shadow Boxes Plugin < 1.7.12 is vulnerable to Cross Site Scripting (XSS)

Software Drop Shadow Boxes Type Plugin Vulnerable versions 1.7.12 Fixed in 1.7.12 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8cdb65eb9ed4 Credits Rafie Muhammad Patchstack...

CVE-2023-0879 Cross-site Scripting (XSS) - Stored in btcpayserver/btcpayserver

Cross-site Scripting XSS - Stored in GitHub repository btcpayserver/btcpayserver prior to 1.7.12...

CVE-2023-0879 Cross-site Scripting (XSS) - Stored in btcpayserver/btcpayserver

Cross-site Scripting XSS - Stored in GitHub repository btcpayserver/btcpayserver prior to 1.7.12...

phpThumb is vulnerable to Server-Side Request Forgery (SSRF)

The default configuration of phpThumb before 1.7.12 has a false value for the disabledebug option, which allows remote attackers to conduct Server-Side Request Forgery SSRF attacks via the src parameter...

Cross-site Scripting in Beanstalk console

Beanstalk console prior to version 1.7.12 is vulnerable to cross-site scripting...