EUVD-2025-18724

Malicious code in bioql PyPI...

EUVD-2023-49668

Malicious code in bioql PyPI...

EUVD-2023-56206

Malicious code in bioql PyPI...

CVE-2025-5125

The Custom Post Carousels with Owl WordPress plugin before 1.4.12 uses the featherlight library and makes use of the data-featherlight attribute without sanitizing before using it...

CVE-2025-5125

The Custom Post Carousels with Owl WordPress plugin before 1.4.12 uses the featherlight library and makes use of the data-featherlight attribute without sanitizing before using it...

CVE-2025-5125

The Custom Post Carousels with Owl WordPress plugin before 1.4.12 uses the featherlight library and makes use of the data-featherlight attribute without sanitizing before using it...

CVE-2025-5125 Custom Post Carousels with Owl < 1.4.12 - Contributor+ Stored XSS

The Custom Post Carousels with Owl WordPress plugin before 1.4.12 uses the featherlight library and makes use of the data-featherlight attribute without sanitizing before using it...

CVE-2025-5125

The CVE-2025-5125 entry affects the WordPress plugin “Custom Post Carousels with Owl”, specifically versions prior to 1.4.12. The root cause is unsanitized input in the data-featherlight attribute used by the Featherlight library, enabling a Stored XSS condition as described by multiple sources. ...

CVE-2025-5125 Custom Post Carousels with Owl < 1.4.12 - Contributor+ Stored XSS

The Custom Post Carousels with Owl WordPress plugin before 1.4.12 uses the featherlight library and makes use of the data-featherlight attribute without sanitizing before using it...

WordPress plugin Custom Post Carousels with Owl 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress Custom Post Carousels with Owl plugin that stems from not cleaning up the data-featherlight attribute. An attacker can exploit t...

CVE-2023-45376

In the module "Carousels Pack - Instagram, Products, Brands, Supplier" hicarouselspack for PrestaShop up to version 1.5.0 from HiPresta for PrestaShop, a guest can perform SQL injection via HiCpProductGetter::getViewedProduct...

CVE-2023-51493

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Howard Ehrenberg Custom Post Carousels with Owl allows Stored XSS.This issue affects Custom Post Carousels with Owl: from n/a through 1.4.6...

CVE-2025-2085

A vulnerability classified as problematic has been found in StarSea99 starsea-mall 1.0. This affects an unknown part of the file /admin/carousels/save. The manipulation of the argument redirectUrl leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...

CVE-2024-55452

A URL redirection vulnerability exists in UJCMS 9.6.3 due to improper validation of URLs in the upload and rendering of new block / carousel items. This vulnerability allows authenticated attackers to redirect unprivileged users to an arbitrary, attacker-controlled webpage. When an authenticated...

CVE-2023-51493

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Howard Ehrenberg Custom Post Carousels with Owl allows Stored XSS.This issue affects Custom Post Carousels with Owl: from n/a through 1.4.6...

CVE-2023-51493

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Howard Ehrenberg Custom Post Carousels with Owl allows Stored XSS.This issue affects Custom Post Carousels with Owl: from n/a through 1.4.6...

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Howard Ehrenberg Custom Post Carousels with Owl allows Stored XSS.This issue affects Custom Post Carousels with Owl: from n/a through 1.4.6...

CVE-2023-51493

CVE-2023-51493 concerns the WordPress plugin Custom Post Carousels with Owl (dd-post-carousel). Affected versions: up to 1.4.6. Issue: improper neutralization of user input during web page generation, enabling a stored cross-site scripting (XSS) vulnerability. Impact per sources: stored XSS; no e...

CVE-2023-51493 WordPress Custom Post Carousels with Owl Plugin <= 1.4.6 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Howard Ehrenberg Custom Post Carousels with Owl allows Stored XSS.This issue affects Custom Post Carousels with Owl: from n/a through 1.4.6...

CVE-2023-51493 WordPress Custom Post Carousels with Owl Plugin <= 1.4.6 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Howard Ehrenberg Custom Post Carousels with Owl allows Stored XSS.This issue affects Custom Post Carousels with Owl: from n/a through 1.4.6...