13 matches found
CVE-2022-0321
The WP Voting Contest WordPress plugin before 3.0 does not sanitise and escape the postid parameter before outputting it back in the response via the wpvcsocialshareicons AJAX action available to both unauthenticated and authenticated users, leading to a Reflected Cross-Site Scripting issue...
CVE-2025-60086
Missing Authorization vulnerability in Matt WP Voting Contest wp-voting-contest allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Voting Contest: from n/a through = 5.8...
EUVD-2022-15490
Malicious code in bioql PyPI...
EUVD-2025-28355
Malicious code in bioql PyPI...
CVE-2025-50017
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Matt WP Voting Contest wp-voting-contest allows Stored XSS.This issue affects WP Voting Contest: from n/a through = 5.8...
CVE-2025-50017
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Matt WP Voting Contest wp-voting-contest allows Stored XSS.This issue affects WP Voting Contest: from n/a through = 5.8...
CVE-2025-50017 WordPress WP Voting Contest plugin <= 5.8 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Matt WP Voting Contest wp-voting-contest allows Stored XSS.This issue affects WP Voting Contest: from n/a through = 5.8...
CVE-2025-50017
CVE-2025-50017 is a stored XSS in the WordPress plugin WP Voting Contest (versions n/a through 5.8). The issue stems from improper input neutralization during web page generation, enabling attacker-supplied input to be stored and later reflected to users. According to sources, the vulnerability a...
CVE-2025-50017 WordPress WP Voting Contest plugin <= 5.8 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Matt WP Voting Contest wp-voting-contest allows Stored XSS.This issue affects WP Voting Contest: from n/a through = 5.8...
PT-2025-26374 · WordPress · Matt Wp Voting Contest
Name of the Vulnerable Software and Affected Versions: Matt WP Voting Contest versions n/a through 5.8 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can...
CVE-2022-0321
The WP Voting Contest WordPress plugin before 3.0 does not sanitise and escape the postid parameter before outputting it back in the response via the wpvcsocialshareicons AJAX action available to both unauthenticated and authenticated users, leading to a Reflected Cross-Site Scripting issue...
CVE-2022-0321
The CVE-2022-0321 entry applies to the WordPress WP Voting Contest plugin (pre-3.0). The issue is a Reflected Cross-Site Scripting vulnerability caused by the plugin not sanitising/escaping the post_id parameter before echoing it in the wpvc_social_share_icons AJAX response, accessible to unauthe...
CVE-2022-0321 WP Voting Contest < 3.0 - Reflected Cross-Site Scripting
The WP Voting Contest WordPress plugin before 3.0 does not sanitise and escape the postid parameter before outputting it back in the response via the wpvcsocialshareicons AJAX action available to both unauthenticated and authenticated users, leading to a Reflected Cross-Site Scripting issue...