CVE-2026-6427 a3 Lazy Load <= 2.7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Video Element

The a3 Lazy Load plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.7.6 This is due to a regex bug in the filtervideos method that breaks HTML attribute quoting when processing crafted elements, combined with unescaped output in the...

WordPress plugin a3 Lazy Load 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. The WordPre...

WordPress a3 Lazy Load plugin <= 2.7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by theviper17y in WordPress Plugin a3 Lazy Load versions = 2.7.6...

PT-2026-38344

Name of the Vulnerable Software and Affected Versions Hitachi Virtual Storage Platform One Block 23 versions prior to DKCMAIN A3-04-21-40/00, ESM A3-04-21/00 Hitachi Virtual Storage Platform One Block 24 versions prior to DKCMAIN A3-04-21-40/00, ESM A3-04-21/00 Hitachi Virtual Storage Platform On...

python315-3.15.0~a3-3.1 on GA media (moderate)

python315-3.15.0a3-3.1 on GA media Announcement ID: openSUSE-SU-2026:10126-1 Rating: moderate Cross-References: CVE-2025-11468 CVE-2026-0672 CVSS scores: CVE-2025-11468 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVE-2025-11468 SUSE : 7.1...

CVE-2023-29097

Auth. author+ Stored Cross-Site Scripting XSS vulnerability in a3rev Software a3 Portfolio plugin = 3.1.0 versions...

CVE-2025-9873

The a3 Lazy Load plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.7.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access...

CVE-2025-9873

The a3 Lazy Load plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.7.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access...

CVE-2025-9873 a3 Lazy Load <= 2.7.5 - Authenticated (Contributor+) Stored Cross-Site Scripting

The a3 Lazy Load plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.7.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access...

CVE-2025-9873 a3 Lazy Load <= 2.7.5 - Authenticated (Contributor+) Stored Cross-Site Scripting

The a3 Lazy Load plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.7.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access...

PT-2025-51086

The a3 Lazy Load plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.7.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access...

WordPress plugin a3 Lazy Load 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripti...

WordPress a3 Lazy Load plugin <= 2.7.5 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by stealthcopter in WordPress Plugin a3 Lazy Load versions = 2.7.5...

EUVD-2019-6434

Malware in sbrugna...

EUVD-2019-6476

Malware in sbrugna...

EUVD-2023-32700

Malicious code in bioql PyPI...

Malicious code in @zalastax/nolb-a3 (npm)

The package @zalastax/nolb-a3 was found to contain malicious code...

MAL-2025-10620 Malicious code in @zalastax/nolb-a3 (npm)

The package @zalastax/nolb-a3 was found to contain malicious code...

WordPress Wonder Slider plugin <= 14.4 - Authenticated (Contributor+) Dom-based Stored Cross-Site Scripting

Authenticated Contributor+ Dom-based Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin Wonder Slider versions = 14.4...

WordPress Youtube Vimeo Video Player and Slider WP Plugin <= 3.8 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Youtube Vimeo Video Player and Slider WP Plugin versions = 3.8...