95 matches found
EUVD-2025-28172
Malicious code in bioql PyPI...
EUVD-2024-35404
Malicious code in bioql PyPI...
EUVD-2023-56120
Malicious code in bioql PyPI...
CVE-2023-51399
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Back Button Widget allows Stored XSS.This issue affects Back Button Widget: from n/a through 1.6.3...
CVE-2025-48252
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Back Button Widget back-button-widget allows Stored XSS.This issue affects Back Button Widget: from n/a through = 1.6.8...
CVE-2025-48252
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Back Button Widget back-button-widget allows Stored XSS.This issue affects Back Button Widget: from n/a through = 1.6.8...
CVE-2025-48252
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Back Button Widget allows Stored XSS. This issue affects Back Button Widget: from n/a through 1.6.8...
CVE-2025-48252
CVE-2025-48252 corresponds to a stored Cross‑Site Scripting vulnerability in the WPFactory Back Button Widget, affecting versions up to 1.6.8. The issue stems from improper input neutralization during web page generation, enabling stored XSS attacks. Connected sources confirm the vulnerability an...
CVE-2025-48252 WordPress Back Button Widget plugin <= 1.6.8 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Back Button Widget back-button-widget allows Stored XSS.This issue affects Back Button Widget: from n/a through = 1.6.8...
CVE-2025-48252 WordPress Back Button Widget <= 1.6.8 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Back Button Widget allows Stored XSS. This issue affects Back Button Widget: from n/a through 1.6.8...
WordPress plugin Back Button Widget 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-21964 · Unknown · Back Button Widget
Name of the Vulnerable Software and Affected Versions: Back Button Widget versions 1.6.8 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can injec...
Hiro: Logout Bypass Vulnerability in Hiro.so
Summary A logout bypass vulnerability has been identified on platform.hiro.so, allowing users to regain access to their session after logging out simply by pressing the back button on the browser. This issue arises due to improper session invalidation and potential caching misconfigurations. If...
The vulnerability of the Drupal CMS system’s Browser Back Button module, related to the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.
The vulnerability of the Drupal CMS system’s Browser Back Button feature is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
CVE-2024-13308
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Browser Back Button allows Cross-Site Scripting XSS.This issue affects Browser Back Button: from 1.0.0 before 2.0.2...
CVE-2024-13308
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Browser Back Button allows Cross-Site Scripting XSS.This issue affects Browser Back Button: from 1.0.0 before 2.0.2...
CVE-2024-13308 Browser Back Button - Moderately critical - Cross site scripting - SA-CONTRIB-2024-072
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Browser Back Button allows Cross-Site Scripting XSS.This issue affects Browser Back Button: from 1.0.0 before 2.0.2...
CVE-2024-13308 Browser Back Button - Moderately critical - Cross site scripting - SA-CONTRIB-2024-072
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Browser Back Button allows Cross-Site Scripting XSS.This issue affects Browser Back Button: from 1.0.0 before 2.0.2...
CVE-2024-13308
CVE-2024-13308 affects the Drupal Browser Back Button module. The vulnerability is an improper neutralization of input during web page generation (XSS) in the module’s back-button block, stemming from insufficient escaping of administrator-entered text. Affected versions: 1.0.0–2.0.2. Impact desc...
DRUPAL-CONTRIB-2024-072
This module provides a block that renders a link providing the functionality of a browser's back button. The module does not sufficiently escape text entered by an administrator, resulting in a cross scripting vulnerability. This vulnerability is mitigated by the fact that an attacker must have a...