4 matches found
GHSA-W3VX-52J6-9FJP NotChatbot WebChat has a stored cross-site scripting (XSS) vulnerability
A stored cross-site scripting XSS vulnerability exists in the NotChatbot WebChat widget thru 1.4.4. User-supplied input is not properly sanitized before being stored and rendered in the chat conversation history. This allows an attacker to inject arbitrary JavaScript code which is executed when t...
CVE-2025-69365 WordPress Uroan Core plugin <= 1.4.4 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in TeconceTheme Uroan Core uroan-core allows Blind SQL Injection.This issue affects Uroan Core: from n/a through = 1.4.4...
WordPress Jobify - Job Board WordPress Theme Theme <= 1.4.4 is vulnerable to Cross Site Scripting (XSS)
Software Jobify - Job Board WordPress Theme Type Theme Vulnerable versions = 1.4.4 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2025-8318 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID edb43386dd8c Credits Muhammad...
WordPress plugin Custom Post Type List Shortcode 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...