Show all comments < 7.0.1 - Cross-Site Scripting

The Show All Comments WordPress plugin before 7.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against a logged in high privilege users such as admin. id: CVE-2022-4295 info: name: Show all commen...

EUVD-2025-13770

Malicious code in bioql PyPI...

EUVD-2025-13772

Malicious code in bioql PyPI...

CVE-2025-47605

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AppJetty WP jQuery DataTable wp-jquery-datatable allows Stored XSS.This issue affects WP jQuery DataTable: from n/a through = 4.1.0...

CVE-2025-47607

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AppJetty Show All Comments show-all-comments-in-one-page allows Stored XSS.This issue affects Show All Comments: from n/a through = 7.0.1...

CVE-2025-47607

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AppJetty Show All Comments show-all-comments-in-one-page allows Stored XSS.This issue affects Show All Comments: from n/a through = 7.0.1...

CVE-2025-47605

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AppJetty WP jQuery DataTable wp-jquery-datatable allows Stored XSS.This issue affects WP jQuery DataTable: from n/a through = 4.1.0...

CVE-2025-47607 WordPress Show All Comments plugin <= 7.0.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AppJetty Show All Comments show-all-comments-in-one-page allows Stored XSS.This issue affects Show All Comments: from n/a through = 7.0.1...

CVE-2025-47607

CVE-2025-47607 is a stored XSS vulnerability in the WordPress plugin “Show All Comments” (Show All Comments: n/a through 7.0.1). Technical details across connected documents confirm the issue stems from improper neutralization of input during web page generation, enabling stored cross-site script...

CVE-2025-47605

CVE-2025-47605 describes a Stored XSS in the WordPress plugin WP jQuery DataTable (affected: WP jQuery DataTable

PT-2025-20177 · Appjetty · Appjetty Wp Jquery Datatable

Name of the Vulnerable Software and Affected Versions: AppJetty WP jQuery DataTable versions through 4.1.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can...

PT-2025-20179 · Appjetty · Appjetty Show All Comments

Name of the Vulnerable Software and Affected Versions: AppJetty Show All Comments versions n/a through 7.0.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting', which allows Stored XSS. This means that an attacker...