17 matches found
EUVD-2025-36032
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in aviplugins.com Custom Post Type Attachment custom-post-type-pdf-attachment allows Stored XSS.This issue affects Custom Post Type Attachment: from n/a through = 3.4.6...
PT-2025-43785
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in aviplugins.com Custom Post Type Attachment custom-post-type-pdf-attachment allows Stored XSS.This issue affects Custom Post Type Attachment: from n/a through = 3.4.6...
EUVD-2025-9746
Malicious code in bioql PyPI...
EUVD-2025-28365
Malicious code in bioql PyPI...
CVE-2024-54255
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in aviplugins.com Login Widget With Shortcode login-sidebar-widget allows Phishing.This issue affects Login Widget With Shortcode: from n/a through = 6.1.2...
CVE-2023-23818
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Aviplugins.Com WP Register Profile With Shortcode plugin = 3.5.7 versions...
CVE-2025-31384
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Aviplugins Videos allows Reflected XSS.This issue affects Videos: from n/a through 1.0.5...
CVE-2025-31384
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Aviplugins Videos allows Reflected XSS.This issue affects Videos: from n/a through 1.0.5...
CVE-2025-31384
CVE-2025-31384 affects the Aviplugins Videos WordPress plugin, with an issue described as Improper Neutralization of Script-Related HTML Tags in a Web Page (Reflected XSS) affecting Versions up to 1.0.5. The vulnerability is exploitable via network vector and requires user interaction; CVSS 3.1 b...
CVE-2025-31384 WordPress Videos plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Aviplugins Videos allows Reflected XSS.This issue affects Videos: from n/a through 1.0.5...
CVE-2025-24564
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in aviplugins.com Contact Form With Shortcode contact-form-with-shortcode allows Reflected XSS.This issue affects Contact Form With Shortcode: from n/a through = 4.2.5...
CVE-2025-24564 WordPress Contact Form With Shortcode plugin <= 4.2.5 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in aviplugins.com Contact Form With Shortcode contact-form-with-shortcode allows Reflected XSS.This issue affects Contact Form With Shortcode: from n/a through = 4.2.5...
CVE-2024-54255
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in aviplugins.com Login Widget With Shortcode login-sidebar-widget allows Phishing.This issue affects Login Widget With Shortcode: from n/a through = 6.1.2...
JVN#35838128: WordPress Plugin "WP Booking" vulnerable to cross-site scripting
WordPress Plugin "WP Booking" provided by aviplugins.com contains a stored cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of the user who is accessing the web site using the product. Solution Update the plugin Update the plugin to the late...
CVE-2023-23818
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Aviplugins.Com WP Register Profile With Shortcode plugin = 3.5.7 versions...
CVE-2023-23818
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Aviplugins.Com WP Register Profile With Shortcode plugin = 3.5.7 versions...
PT-2023-19231 · WordPress · Aviplugins.Com Wp Register Profile With Shortcode
Name of the Vulnerable Software and Affected Versions: Aviplugins.Com WP Register Profile With Shortcode plugin versions = 3.5.7 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that affects users with admin+ authentication. This type of vulnerability allows an...