CVE-2026-2434

The Pz-LinkCard plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'blogcard' shortcode attributes in all versions up to, and including, 2.5.8.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

EUVD-2026-23567

The Pz-LinkCard plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'blogcard' shortcode attributes in all versions up to, and including, 2.5.8.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

PT-2026-33522

Name of the Vulnerable Software and Affected Versions Pz-LinkCard versions prior to 2.5.8.2 Description The Pz-LinkCard plugin for WordPress contains a Stored Cross-Site Scripting issue. Authenticated attackers with Contributor-level access or higher can inject arbitrary web scripts into pages...

XOOPS Cross-Site Scripting Vulnerability

XOOPS eXtensible Object Oriented Portal System is the XOOPS team develops and maintains a set of open source PHP and MySQL based content management system . The system can be used to create a variety of online communities . XOOPS Core is one of the core repository . A cross-site scripting...