EUVD-2025-9875

Malicious code in bioql PyPI...

EUVD-2025-8781

Malicious code in bioql PyPI...

CVE-2025-32129

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Data443 Risk Mitigation, Inc. Welcome Bar intelly-welcome-bar allows Stored XSS.This issue affects Welcome Bar: from n/a through = 2.0.4...

CVE-2025-32129

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Data443 Risk Mitigation, Inc. Welcome Bar intelly-welcome-bar allows Stored XSS.This issue affects Welcome Bar: from n/a through = 2.0.4...

CVE-2025-32129 WordPress Welcome Bar plugin <= 2.0.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Data443 Risk Migitation, Inc. Welcome Bar allows Stored XSS. This issue affects Welcome Bar: from n/a through 2.0.4...

CVE-2025-32129 WordPress Welcome Bar plugin <= 2.0.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Data443 Risk Mitigation, Inc. Welcome Bar intelly-welcome-bar allows Stored XSS.This issue affects Welcome Bar: from n/a through = 2.0.4...

CVE-2025-32129

Technical details for CVE-2025-32129 are not provided in the supplied documents. Monitor for updates from vendors and security advisories; the initial description notes a Stored XSS in Welcome Bar (

PT-2025-14920 · Data443 Risk Mitigation · Welcome Bar

Name of the Vulnerable Software and Affected Versions: Data443 Risk Migitation, Inc. Welcome Bar versions through 2.0.4 Description: The issue is related to improper neutralization of input during web page generation, also known as Cross-site Scripting XSS. Specifically, it is a Stored XSS...

WordPress plugin Welcome Bar 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists i...

CVE-2025-31610

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gingerplugins Notification Bar, Sticky Notification Bar, Sticky Welcome Bar for any theme gp-notification-bar allows Stored XSS.This issue affects Notification Bar, Sticky Notification Bar, Sticky...

CVE-2025-31610

CVE-2025-31610 describes a stored XSS in the WordPress plugin set “Notification Bar” (including Sticky Notification Bar and Sticky Welcome Bar for any theme). The issue arises from improper input neutralization during web page generation. Affected range is stated as from n/a through 1.1. The conn...

WordPress plugin Notification Bar, Sticky Notification Bar, Sticky Welcome Bar for any theme 跨站脚本漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress plugin Notification Bar,...

WordPress Welcome Bar Plugin <= 2.0.3 is vulnerable to Broken Access Control

Software Welcome Bar Type Plugin Vulnerable versions = 2.0.3 Fixed in 2.0.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE N/A Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 1616e8eeba7b Credits WordFence Required privilege Subscribe...

WordPress Welcome Bar Plugin <= 2.0.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software Welcome Bar Type Plugin Vulnerable versions = 2.0.3 Fixed in 2.0.4 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE N/A Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 62cc3118da84 Credits WordFence Required privilege...

CVE-2022-1776

The Popups, Welcome Bar, Optins and Lead Generation Plugin WordPress plugin before 2.1.8 does not sanitize and escape some campaign parameters, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks...

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on PHP and MySQL servers.WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the...

CVE-2021-24425

The Floating Notification Bar, Sticky Menu on Scroll, and Sticky Header for Any Theme – myStickymenu WordPress plugin before 2.5.2 does not sanitise or escape its Bar Text settings, allowing hight privilege users to use malicious JavaScript in it, leading to a Stored Cross-Site Scripting issue,...

myStickymenu < 2.5.2 - Authenticated Stored XSS

The plugin does not sanitise or escape its Bar Text settings, allowing hight privilege users to use malicious JavaScript in it, leading to a Stored Cross-Site Scripting issue, which will be triggered in the plugin's setting, as well as all front-page of the blog when the Welcome bar is active Put...

myStickymenu < 2.5.2 - Authenticated Stored XSS

The plugin does not sanitise or escape its Bar Text settings, allowing hight privilege users to use malicious JavaScript in it, leading to a Stored Cross-Site Scripting issue, which will be triggered in the plugin's setting, as well as all front-page of the blog when the Welcome bar is active PoC...