43 matches found
CVE-2026-24597 WordPress Organization chart plugin <= 1.7.5 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in WpDevArt Organization chart allows Cross Site Request Forgery. This issue affects Organization chart: from n/a through 1.7.5...
CVE-2026-22637
The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. A user with Editor permissions is able to modify such a panel in order to make it execute arbitrary JavaScript...
CVE-2026-22637
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2026-22637
...
CVE-2026-22637
CVE-2026-22637 is associated with Grafana XY Chart Plugin. The Red Hat entry and PT--security advisory describe a DOM-based XSS vulnerability where a user with Editor permissions can modify a panel to execute arbitrary JavaScript. Affected component: Grafana XY Chart Plugin; attack vector involve...
CVE-2026-22637
...
EUVD-2025-60944
The Chart Expert plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'pmzezchart' shortcode in all versions up to, and including, 1.0. This is due to insufficient input sanitization and output escaping on user supplied shortcode attributes. This makes it possible for...
EUVD-2023-27975
Malicious code in bioql PyPI...
EUVD-2025-12232
Malicious code in bioql PyPI...
CVE-2023-47526
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Chart Builder Team Chartify – WordPress Chart Plugin allows Stored XSS.This issue affects Chartify – WordPress Chart Plugin: from n/a through 2.0.6...
CVE-2023-23892
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Jamie Poitra M Chart plugin = 1.9.4 versions...
CVE-2023-28791
Cross-Site Request Forgery CSRF vulnerability in Gangesh Matta Simple Org Chart plugin = 2.3.4 versions...
CVE-2021-24360
The Yes/No Chart WordPress plugin before 1.0.12 did not sanitise its sid shortcode parameter before using it in a SQL statement, allowing medium privilege users contributor+ to perform Blind SQL Injection attacks...
BIT-GRAFANA-2025-2703
The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. A user with Editor permissions is able to modify such a panel in order to make it execute arbitrary JavaScript...
SUSE CVE-2025-2703
The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. A user with Editor permissions is able to modify such a panel in order to make it execute arbitrary JavaScript...
CVE-2025-2703
The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. A user with Editor permissions is able to modify such a panel in order to make it execute arbitrary JavaScript...
CVE-2025-2703
CVE-2025-2703 affects Grafana’s built-in XY Chart plugin through a DOM XSS flaw. The advisory text states that a user with Editor permissions can modify a panel to execute arbitrary JavaScript, indicating that the vulnerability stems from client-side script handling in the chart component and cou...
CVE-2025-2703
The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. A user with Editor permissions is able to modify such a panel in order to make it execute arbitrary JavaScript...
CVE-2025-2703
The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. A user with Editor permissions is able to modify such a panel in order to make it execute arbitrary JavaScript...
CVE-2025-2703
The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. A user with Editor permissions is able to modify such a panel in order to make it execute arbitrary JavaScript...