397 matches found
EUVD-2024-31298
Malicious code in bioql PyPI...
EUVD-2024-31293
Malicious code in bioql PyPI...
EUVD-2024-31296
Malicious code in bioql PyPI...
EUVD-2024-31290
Malicious code in bioql PyPI...
CVE-2025-60100
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in 8theme XStore xstore allows Code Injection.This issue affects XStore: from n/a through 9.6...
WordPress XStore theme < 9.6 - Content Injection vulnerability
Content Injection vulnerability discovered by Rafie Muhammad Patchstack in WordPress Theme XStore versions 9.6...
CVE-2025-60100
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in 8theme XStore xstore allows Code Injection.This issue affects XStore: from n/a through 9.6...
CVE-2025-60100 WordPress XStore theme < 9.6 - Content Injection vulnerability
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in 8theme XStore xstore allows Code Injection.This issue affects XStore: from n/a through 9.6...
CVE-2025-60100
CVE-2025-60100 is linked to 8theme XStore for WordPress. The connected documents indicate an unauthenticated, arbitrary shortcode execution vulnerability in XStore versions up to 9.5.3, caused by improper neutralization of script-related HTML tags in a web page (basic XSS). The Wordfence entry li...
CVE-2025-60100 WordPress XStore theme < 9.6 - Content Injection vulnerability
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in 8theme XStore xstore allows Code Injection.This issue affects XStore: from n/a through 9.6...
PT-2025-39547
Name of the Vulnerable Software and Affected Versions 8theme XStore versions through 9.5.3 Description The software contains a flaw related to improper handling of script-related HTML tags on a web page, potentially leading to code injection. This issue is identified as a Basic Cross-Site Scripti...
WordPress XStore Theme <= 9.5.3 is vulnerable to Content Injection
Software XStore Type Theme Vulnerable versions = 9.5.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Content Injection CVE CVE-2025-60100 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 55131c12c2eb Credits Rafie Muhammad Patchstack Required privilege...
WordPress plugin XStore 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
WordPress XStore theme < 9.6.1 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Rafie Muhammad Patchstack in WordPress Theme XStore versions 9.6.1...
WordPress XStore theme < 9.6 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Theme XStore versions 9.6...
WordPress XStore theme < 9.6.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Rafie Muhammad Patchstack in WordPress Theme XStore versions 9.6.1...
VulnCheck KEV: CVE-2024-21136
Vulnerability in the Oracle Retail Xstore Office product of Oracle Retail Applications component: Security. Supported versions that are affected are 19.0.5, 20.0.3, 20.0.4, 22.0.0 and 23.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...
CVE-2024-33558
Missing Authorization vulnerability in 8theme XStore Core.This issue affects XStore Core: from n/a through 5.3.5...
CVE-2018-3300
Vulnerability in the Oracle Retail Xstore Office product of Oracle Retail Applications component: Internal Operations. The supported version that is affected is 7.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Retail Xstore...
CVE-2018-2883
Vulnerability in the Oracle Retail Xstore Office component of Oracle Retail Applications subcomponent: Internal Operations. Supported versions that are affected are 7.0 and 7.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Retai...