5 matches found
EUVD-2025-30653
Malicious code in bioql PyPI...
CVE-2025-57981 WordPress WP Social Widget Plugin <= 2.3.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in catchsquare WP Social Widget wp-social-widget allows Stored XSS.This issue affects WP Social Widget: from n/a through = 2.3.1...
WordPress plugin WP Social Widget 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...
WordPress WP Social Widget plugin <= 2.2.7 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin WP Social Widget versions = 2.2.7...
WP Social Widget < 2.2.4 - Contributor+ Stored XSS
The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. wpsw facebook='" onmouseover="alert1"'...