11 matches found
EUVD-2024-50874
Malicious code in bioql PyPI...
EUVD-2025-3434
Malicious code in bioql PyPI...
CVE-2025-23802
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SteveSoehl WP-Revive Adserver wp-revive-adserver allows Stored XSS.This issue affects WP-Revive Adserver: from n/a through = 2.2.1...
CVE-2025-23802
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SteveSoehl WP-Revive Adserver wp-revive-adserver allows Stored XSS.This issue affects WP-Revive Adserver: from n/a through = 2.2.1...
CVE-2025-23802 WordPress WP-Revive Adserver Plugin <= 2.2.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SteveSoehl WP-Revive Adserver wp-revive-adserver allows Stored XSS.This issue affects WP-Revive Adserver: from n/a through = 2.2.1...
CVE-2025-23802 WordPress WP-Revive Adserver Plugin <= 2.2.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SteveSoehl WP-Revive Adserver wp-revive-adserver allows Stored XSS.This issue affects WP-Revive Adserver: from n/a through = 2.2.1...
CVE-2025-23802
CVE-2025-23802 is a stored XSS in WP-Revive Adserver (WordPress plugin) caused by improper neutralization of input during web page generation. Affected: WP-Revive Adserver versions
CVE-2024-12461 WP-Revive Adserver <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The WP-Revive Adserver plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpreviveasync' shortcode in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-12461
The CVE CVE-2024-12461 affects the WP-Revive Adserver WordPress plugin (versions up to and including 2.2.1). It enables Stored XSS via the wprevive_async shortcode due to insufficient input sanitization/output escaping. Exploitation requires authenticated access at contributor level or higher, an...
CVE-2024-12461 WP-Revive Adserver <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The WP-Revive Adserver plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpreviveasync' shortcode in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
WordPress plugin WP-Revive Adserver 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...