2336 matches found
CVE-2025-62095
CVE-2025-62095 – Bootstrap Modals (WordPress plugin)
CVE-2025-62095 WordPress Bootstrap Modals plugin <= 1.3.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in neilgee Bootstrap Modals bootstrap-modals allows Stored XSS.This issue affects Bootstrap Modals: from n/a through = 1.3.2...
EUVD-2025-205958
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Neilgee Bootstrap Modals allows Stored XSS.This issue affects Bootstrap Modals: from n/a through 1.3.2...
WordPress Bootstrap Modals plugin <= 1.3.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Bootstrap Modals versions = 1.3.2...
WordPress Twitter Bootstrap Collapse aka Accordian Shortcode plugin <= 1.0 - Stored XSS via Shortcode vulnerability
Stored XSS via Shortcode vulnerability discovered by Bob Matyas in WordPress Plugin Twitter Bootstrap Collapse aka Accordian Shortcode versions = 1.0...
WordPress plugin Bootstrap Modals 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-54315
Name of the Vulnerable Software and Affected Versions Neilgee Bootstrap Modals versions through 1.3.2 Description A flaw exists in Neilgee Bootstrap Modals that allows for Stored Cross-Site Scripting XSS. This issue is due to improper neutralization of input during web page generation. Successful...
MAL-2025-192718 Malicious code in bootstrap-setflexcolor (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 90557c8cf061fb243537b42df1c27af4fc410d5a3bbeb6df2346720058fa9d4f The package bootstrap-setflexcolor was found to contain malicious code...
EUVD-2025-204935
Malicious code in bootstrap-setflexcolor npm...
Malicious code in bootstrap-setflexcolor (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 90557c8cf061fb243537b42df1c27af4fc410d5a3bbeb6df2346720058fa9d4f The package bootstrap-setflexcolor was found to contain malicious code...
EUVD-2025-204936
Malicious code in bootstrap-setcolors npm...
Malicious code in bootstrap-setcolors (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 49438d0a37b288cf5dcbc9c27b5bc18510beec255d1d359a1f5a25361d4b121e The package bootstrap-setcolors was found to contain malicious code...
MAL-2025-192717 Malicious code in bootstrap-setcolors (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 49438d0a37b288cf5dcbc9c27b5bc18510beec255d1d359a1f5a25361d4b121e The package bootstrap-setcolors was found to contain malicious code...
EUVD-2025-204937
Malicious code in bootstrap-setcolor npm...
Malicious code in bootstrap-setcolor (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 28e711bb0bea7ae170d6be10137758bbb8e7d4fd0d987de9183d58c6ee224f41 The package bootstrap-setcolor was found to contain malicious code...
MAL-2025-192716 Malicious code in bootstrap-setcolor (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 28e711bb0bea7ae170d6be10137758bbb8e7d4fd0d987de9183d58c6ee224f41 The package bootstrap-setcolor was found to contain malicious code...
FastAdmin SQL注入漏洞
FastAdmin is a set of web backend development framework based on ThinkPHP and Bootstrap by Karson's personal developer. FastAdmin 1.7.0.20250506 and earlier versions exist SQL injection vulnerability, the vulnerability stems from the application/common/controller/Backend.php file...
PYSEC-2025-103
Dify v1.9.1 is vulnerable to Insecure Permissions. An unauthenticated attacker can directly send HTTP GET requests to the /console/api/system-features endpoint without any authentication credentials or session tokens. The endpoint fails to implement proper authorization checks, allowing anonymous...
PYSEC-2025-103
Dify v1.9.1 is vulnerable to Insecure Permissions. An unauthenticated attacker can directly send HTTP GET requests to the /console/api/system-features endpoint without any authentication credentials or session tokens. The endpoint fails to implement proper authorization checks, allowing anonymous...
CVE-2025-63387
Dify v1.9.1 is vulnerable to Insecure Permissions. An unauthenticated attacker can directly send HTTP GET requests to the /console/api/system-features endpoint without any authentication credentials or session tokens. The endpoint fails to implement proper authorization checks, allowing anonymous...