EUVD-2026-32155

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Averta Master Slider allows DOM-Based XSS. This issue affects Master Slider: from n/a through 3.10.8...

CVE-2026-48968

The CVE-2026-48968 entry describes a DOM-based XSS vulnerability in the WordPress plugin Master Slider, affecting versions up to 3.10.8. The issue is caused by improper neutralization of input during web page generation. Impact is described as cross-site scripting with low to moderate implication...

WordPress Master Slider plugin <= 3.10.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis in WordPress Plugin Master Slider versions = 3.10.8...

WordPress plugin Master Slider 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress Happy Addons for Elementor plugin <= 3.10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Thanh Nam Tran in WordPress Plugin Happy Addons for Elementor versions = 3.10.8...

CVE-2025-5291

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's mastersliderpb and msslide shortcodes in all versions up to, and including, 3.10.8 due to insufficient input sanitization and output escaping on user supplied attributes...

WordPress plugin Master Slider – Responsive Touch Slider 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress plugin Master Slider 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-6556

CVE-2024-6556 affects the SmartCrawl WordPress plugin (SEO checker/analyst/optimizer) for WordPress, with Full Path Disclosure in all versions up to and including 3.10.8. Public details confirm the root cause: the plugin uses mobiledetect without preventing direct access to its files, enabling un...

WordPress plugin SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Happy Addons for Elementor plugin <= 3.10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via _id Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via id Parameter vulnerability discovered by stealthcopter in WordPress Plugin Happy Addons for Elementor versions = 3.10.8...

CVE-2024-4865

The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 3.10.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-lev...

PT-2024-34449 · WordPress · Happy Addons For Elementor

Name of the Vulnerable Software and Affected Versions: The Happy Addons for Elementor plugin for WordPress versions up to, and including, 3.10.8 Description: The issue is related to Stored Cross-Site Scripting via the id parameter due to insufficient input sanitization and output escaping. This...

WordPress plugin Happy Addons for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin Happy Addons for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-0324

The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wppbtwofactorauthenticationsettingsupdate' function in all versions up to, and including...

PT-2024-15470 · WordPress · User Profile Builder

Name of the Vulnerable Software and Affected Versions: The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress versions up to, and including, 3.10.8 Description: The issue is related to a missing capability check on the wppb two factor...

WordPress Plugin User Profile Builder Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

Python Shell Command Injection Vulnerability (bpo-24778) - Linux

Python is prone to a shell command injection vulnerability in the mailcap module. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Python Shell Command Injection Vulnerability (bpo-24778) - Windows

Python is prone to a shell command injection vulnerability in the mailcap module. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...