26 matches found
WordPress WPS Visitor Counter plugin plugin <= 1.4.8 - Reflected XSS vulnerability
Reflected XSS vulnerability discovered by Bob Matyas in WordPress Plugin WPS Visitor Counter versions = 1.4.8...
CVE-2025-9116
The WPS Visitor Counter WordPress plugin through 1.4.8 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...
CVE-2025-9116
The WPS Visitor Counter WordPress plugin through 1.4.8 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...
CVE-2025-9116 WPS Visitor Counter Plugin <= 1.4.8 - Reflected XSS via $_SERVER['REQUEST_URI']
The WPS Visitor Counter WordPress plugin through 1.4.8 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...
CVE-2025-9116
The WPS Visitor Counter WordPress plugin through 1.4.8 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...
EUVD-2025-203238
The WPS Visitor Counter Plugin WordPress plugin through 1.4.8 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...
CVE-2025-9116 WPS Visitor Counter Plugin <= 1.4.8 - Reflected XSS via $_SERVER['REQUEST_URI']
The WPS Visitor Counter WordPress plugin through 1.4.8 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...
WordPress plugin WPS Visitor Counter Plugin 安全漏洞
...
PT-2025-51089
The WPS Visitor Counter Plugin WordPress plugin through 1.4.8 does not escape the $ SERVER'REQUEST URI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...
EUVD-2025-8594
Malicious code in bioql PyPI...
EUVD-2025-17192
Malicious code in bioql PyPI...
CVE-2025-30627
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in regolithsjk Elegant Visitor Counter elegant-visitor-counter allows Stored XSS.This issue affects Elegant Visitor Counter: from n/a through = 3.1...
CVE-2025-30627
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in regolithsjk Elegant Visitor Counter elegant-visitor-counter allows Stored XSS.This issue affects Elegant Visitor Counter: from n/a through = 3.1...
CVE-2025-30627 WordPress Elegant Visitor Counter plugin <= 3.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in regolithsjk Elegant Visitor Counter elegant-visitor-counter allows Stored XSS.This issue affects Elegant Visitor Counter: from n/a through = 3.1...
CVE-2025-30627 WordPress Elegant Visitor Counter plugin <= 3.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in regolithsjk Elegant Visitor Counter elegant-visitor-counter allows Stored XSS.This issue affects Elegant Visitor Counter: from n/a through = 3.1...
CVE-2025-30627
CVE-2025-30627 describes a Stored XSS in Elegant Visitor Counter (WordPress plugin) due to improper input neutralization during web page generation. Affected software: Elegant Visitor Counter up to version 3.1. Root cause: inadequate sanitization of input leading to script injection in pages gene...
WordPress plugin Elegant Visitor Counter 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...
PT-2025-24148 · Unknown · Elegant Visitor Counter
Name of the Vulnerable Software and Affected Versions: Elegant Visitor Counter versions n/a through 3.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can...
WordPress Elegant Visitor Counter plugin <= 3.1 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin Elegant Visitor Counter versions = 3.1...
CVE-2025-31449
Cross-Site Request Forgery CSRF vulnerability in EricH The Visitor Counter the-visitor-counter allows Stored XSS.This issue affects The Visitor Counter: from n/a through = 1.4.3...