WordPress plugin Shortcodes Bootstrap 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-47676

The Shortcodes Bootstrap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'type' parameter in the notification shortcode in all versions up to, and including, 1.1. This is due to missing input sanitization and output escaping. This makes it possible for authenticated...

WordPress Shortcodes Bootstrap plugin <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zakaria in WordPress Plugin Shortcodes Bootstrap versions = 1.1...

EUVD-2025-176680

Malicious code in resolvers-chakra-ui-bootstrap-ursa npm...

EUVD-2025-176651

Malicious code in reveal-md-cosmos-apex-bootstrap npm...

EUVD-2025-179989

Malicious code in bootstrap-solis-bulma-zooarchaeology npm...

EUVD-2025-179653

Malicious code in command-bootstrap-exoplanetology-paleontology npm...

Malicious code in bootstrap-kastra-event-scripts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a2df2510f2f174eab60a7a3916ad6759fd87b80db2bd5c6f9164cf9fcc0be69 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in bootstrap-fusion-loop-restart (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ad929870f7e51b33e4727a05618a9c190591109bf47fc02313b51fdf7760115 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-176821

Malicious code in radiant-event-bootstrap-geodynamo npm...

EUVD-2025-177847

Malicious code in middleware-antares-bootstrap-fork npm...

EUVD-2025-179646

Malicious code in command-react-bootstrap-neuromorphic-magellan npm...

EUVD-2025-176257

Malicious code in spectroscopy-webdriver-manager-await-bootstrap npm...

MAL-2025-186812 Malicious code in eridanus-react-bootstrap-telesto-yaml (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4fe8d301287a2cbf12ee63abb39ad3722dc93d2d21a760e22a0fa2a4727b4c8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-179070

Malicious code in eridanus-react-bootstrap-telesto-yaml npm...

EUVD-2025-176974

Malicious code in protractor-nightwatch-schema-bootstrap npm...

EUVD-2025-179295

Malicious code in dione-kastra-public-react-bootstrap npm...

Malicious code in bootstrap-cluster-fornax-link (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f68c8b328a4fdb50634ae09eb0a5a69120d6aedc072cba9562ccade41a2e33e6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in bootstrap-futurology-bootstrap-html-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b104189a74b27deed81a647b36a22f7fbca02dfd1483495bc1805ff2b673e36 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in middleware-antares-bootstrap-fork (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8413a05fb60698d2bc5a2570951f668c8b724e92016b863ae04b7b1ee7906617 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...