2344 matches found
EUVD-2025-60976
The WP Bootstrap Tabs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bootstraptab' shortcode in all versions up to, and including, 1.0.4. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-11822
The WP Bootstrap Tabs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bootstraptab' shortcode in all versions up to, and including, 1.0.4. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-11822
The CVE-2025-11822 vulnerability affects the WordPress plugin WP Bootstrap Tabs (versions ≤ 1.0.4). It is a Stored Cross-Site Scripting (XSS) via the bootstrap_tab shortcode caused by insufficient input sanitization and output escaping of user attributes. Impact: authenticated attackers with cont...
CVE-2025-11822 WP Bootstrap Tabs <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The WP Bootstrap Tabs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bootstraptab' shortcode in all versions up to, and including, 1.0.4. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-11822 WP Bootstrap Tabs <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The WP Bootstrap Tabs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bootstraptab' shortcode in all versions up to, and including, 1.0.4. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
PT-2025-46252
Name of the Vulnerable Software and Affected Versions WP Bootstrap Tabs versions prior to 1.0.5 Description The WP Bootstrap Tabs plugin for WordPress is susceptible to Stored Cross-Site Scripting through the 'bootstrap tab' shortcode. Insufficient input sanitization and output escaping of...
WordPress plugin WP Bootstrap Tabs 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin ... A cross-sit...
WordPress WP Bootstrap Tabs plugin <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by zakaria in WordPress Plugin WP Bootstrap Tabs versions = 1.0.4...
CVE-2025-11753
The Bootstrap Multi-language Responsive Portfolio plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-11753
The Bootstrap Multi-language Responsive Portfolio plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
PT-2025-44938
Name of the Vulnerable Software and Affected Versions Bootstrap Multi-language Responsive Portfolio versions prior to 1.0 Description The Bootstrap Multi-language Responsive Portfolio plugin for WordPress is susceptible to Stored Cross-Site Scripting through admin settings. Insufficient input...
WordPress plugin Bootstrap Multi-language Responsive Portfolio 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
Security Bulletin: CVE-2023-39417 - Extension script @substitutions@ within quoting allow SQL injection
Summary IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct dollar quoting, '', or "". If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker...
Privilege Escalation
PyInstaller is vulnerable to Privilege Escalation. The vulnerability is due to the bootstrap process appending a special entry to sys.path and attempting to load an optional bytecode-decryption module while that entry is present, which allows an attacker who can create files/directories next to t...
Exploit for Cross-site Scripting in Getbootstrap Bootstrap
Bootstrap-before-3.4.1 ✅ Yes, that’s correct. This is a k...
WordPress Epic Bootstrap Buttons plugin cross-site scripting vulnerability
WordPress Epic Bootstrap Buttons plugin is a plugin for quickly adding Bootstrap style buttons to your WordPress website. WordPress Epic Bootstrap Buttons plugin suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of icol parameters, whic...
EUVD-2021-2370
Malware in sbrugna...
EUVD-2020-6098
Malware in sbrugna...
EUVD-2020-17783
Malware in sbrugna...
EUVD-2012-5983
Malware in sbrugna...