7 matches found
CVE-2026-25362
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FooPlugins FooGallery foogallery allows Stored XSS.This issue affects FooGallery: from n/a through = 3.1.11...
CVE-2025-31804
CVE-2025-31804 corresponds to an authenticated Stored XSS in the WordPress plugin Follow Us Badges (wpsite-follow-us-badges) up to version 3.1.11. Root cause: improper input neutralization during web page generation. Impact, per connected docs, is stored XSS risk for authenticated users; no publi...
PT-2023-16427 · Yafnet · Yafnet
Name of the Vulnerable Software and Affected Versions: YAFNET versions up to 3.1.11 Description: A vulnerability was found in the Signature Handler component of YAFNET, which can lead to cross-site scripting. The attack may be initiated remotely. The issue affects some unknown processing of this...
Bootstrap 跨站脚本漏洞
Bootstrap is a web front-end framework developed using HTML, CSS, and JavaScript. Bootstrap versions v3.1.11 and v3.3.7 are vulnerable to a cross-site scripting vulnerability that originates in the Title parameter in /vendor/views/addproduct.php. An attacker could exploit this vulnerability to...
PT-2019-4106 · Spip +1 · Spip +1
Name of the Vulnerable Software and Affected Versions: SPIP versions prior to 3.1.11 SPIP versions 3.2 prior to 3.2.5 Description: The issue is related to improper authorization in the SPIP content management system. It allows a remote attacker to compromise data integrity. Specifically, the...
Mozilla Miscellaneous memory safety hazards (MFSA 2011-19)
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors, a different vulnerability than...
Mozilla Miscellaneous memory safety hazards (MFSA 2011-19)
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.18 and Thunderbird before 3.1.11 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors...