5 matches found
CVE-2025-13984 Next.js - Critical - Access bypass - SA-CONTRIB-2025-122
Permissive Cross-domain Security Policy with Untrusted Domains vulnerability in Drupal Next.Js allows Cross-Site Scripting XSS.This issue affects Next.Js: from 0.0.0 before 1.6.4, from 2.0.0 before 2.0.1...
CVE-2025-59556
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in skygroup GoStore gostore allows Reflected XSS.This issue affects GoStore: from n/a through 1.6.4...
CVE-2025-59556
CVE-2025-59556 is a reflected XSS vulnerability in the WordPress GoStore theme/plugin GoStore gostore, caused by improper input neutralization during page generation. Affected software is GoStore gostore versions prior to 1.6.4 (GoStore: from n/a through
WordPress Enzy theme < 1.6.4 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Enzy versions 1.6.4...
WordPress Simple Student Result Authentication Bypass Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language , the platform supports PHP and MySQL server set up a personal blog site . Simple Student Result plugin is one of the student performance management system plugin . An authentication bypass...