CVE-2025-30951

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Stiofan BlockStrap Page Builder - Bootstrap Blocks blockstrap-page-builder-blocks allows Stored XSS.This issue affects BlockStrap Page Builder - Bootstrap Blocks: from n/a through = 0.1.36...

CVE-2025-30951 WordPress BlockStrap Page Builder - Bootstrap Blocks plugin <= 0.1.36 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Stiofan BlockStrap Page Builder - Bootstrap Blocks blockstrap-page-builder-blocks allows Stored XSS.This issue affects BlockStrap Page Builder - Bootstrap Blocks: from n/a through = 0.1.36...

CVE-2025-30951 WordPress BlockStrap Page Builder - Bootstrap Blocks plugin <= 0.1.36 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Stiofan BlockStrap Page Builder - Bootstrap Blocks blockstrap-page-builder-blocks allows Stored XSS.This issue affects BlockStrap Page Builder - Bootstrap Blocks: from n/a through = 0.1.36...

PT-2025-24173 · Unknown · Stiofan Blockstrap Page Builder

Name of the Vulnerable Software and Affected Versions: Stiofan BlockStrap Page Builder - Bootstrap Blocks versions 0.1.36 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS...

USN-7556-1: Bootstrap vulnerabilities

It was discovered that Bootstrap did not correctly sanitize certain input in the carousel component. An attacker could possibly use this issue to execute a cross-site scripting XSS attack. CVE-2024-6484, CVE-2024-6531 It was discovered that Bootstrap did not correctly sanitize certain input in th...

USN-7556-1 twitter-bootstrap3, twitter-bootstrap4 vulnerabilities

It was discovered that Bootstrap did not correctly sanitize certain input in the carousel component. An attacker could possibly use this issue to execute a cross-site scripting XSS attack. CVE-2024-6484, CVE-2024-6531 It was discovered that Bootstrap did not correctly sanitize certain input in th...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 / 25.04 : Bootstrap vulnerabilities (USN-7556-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 / 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7556-1 advisory. It was discovered that Bootstrap did not correctly sanitize certain input in the carousel...

org.apache.pekko:pekko-management-cluster-bootstrap_3 (>=1.0.0 <=1.1.0-M1), org.apache.pekko:pekko-management-cluster-http_3 (>=1.0.0 <=1.1.0-M1) +2 more potentially affected by CVE-2025-46548 via org.apache.pekko:pekko-management_3 (>=1.0.0 <=1.1.0)

org.apache.pekko:pekko-management3 MAVEN version =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.1.0-M1 Source cves: CVE-2025-46548 Source advisory: OSV:GHSA-9QVJ-RPJ8-V5C8...

com.lightbend.akka.management:akka-management-cluster-bootstrap_3 (>=1.3.0 <=1.4.1), com.lightbend.akka.management:akka-management-cluster-http_3 (>=1.3.0 <=1.4.1) +2 more potentially affected by CVE-2025-46548 via com.lightbend.akka.management:akka-management_3 (>=1.3.0 <=1.4.1)

com.lightbend.akka.management:akka-management3 MAVEN version =1.3.0, =1.3.0, =1.3.0, =1.3.0, =1.3.0, =1.4.1 Source cves: CVE-2025-46548 Source advisory: OSV:GHSA-9QVJ-RPJ8-V5C8...

org.apache.pekko:pekko-management-cluster-bootstrap_2.12 (>=1.0.0 <=1.1.0-M1), org.apache.pekko:pekko-management-cluster-http_2.12 (>=1.0.0 <=1.1.0-M1) +2 more potentially affected by CVE-2025-46548 via org.apache.pekko:pekko-management_2.12 (>=1.0.0 <=1.1.0)

org.apache.pekko:pekko-management2.12 MAVEN version =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.1.0-M1 Source cves: CVE-2025-46548 Source advisory: OSV:GHSA-9QVJ-RPJ8-V5C8...

Debian: Security Advisory (DLA-4204-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DLA-4204-1 twitter-bootstrap3 - security update

Bulletin has no description...

CVE-2025-22743

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mohsin Rasool Twitter Bootstrap Collapse aka Accordian Shortcode twitter-bootstrap-collapse-aka-accordian-shortcode allows DOM-Based XSS.This issue affects Twitter Bootstrap Collapse aka Accordian...

CVE-2024-43349

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in allbootstrapblocks All Bootstrap Blocks all-bootstrap-blocks.This issue affects All Bootstrap Blocks: from n/a through = 1.3.19...

CVE-2024-7416

The Reveal Template plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.7. This is due to the plugin allowing direct access to the bootstrap.php file which has displayerrors on. This makes it possible for unauthenticated attackers to retrieve the ful...

CVE-2024-7067

A vulnerability was found in kirilkirkov Ecommerce-Laravel-Bootstrap up to 1f1097a3448ce8ec53e034ea0f70b8e2a0e64a87. It has been rated as critical. Affected by this issue is the function getCartProductsIds of the file app/Cart.php. The manipulation of the argument laraCart leads to deserializatio...

CVE-2024-7382

The Linkify Text plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.9.1. This is due to the plugin utilizing bootstrap and leaving test files with displayerrors on. This makes it possible for unauthenticated attackers to retrieve the full path of th...

CVE-2024-7415

The Remember Me Controls plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.0.1. This is due to the plugin allowing direct access to the bootstrap.php file which has displayerrors on. This makes it possible for unauthenticated attackers to retrieve...

CVE-2024-35169

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in allbootstrapblocks All Bootstrap Blocks all-bootstrap-blocks.This issue affects All Bootstrap Blocks: from n/a through = 1.3.15...

CVE-2024-51810

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in George Lewe Lewe Bootstrap Visuals shortcode-bootstrap-visuals allows Stored XSS.This issue affects Lewe Bootstrap Visuals: from n/a through = 3.0.1...