23 matches found
WordPress Plugin Tera Charts - Local File Inclusion
Multiple local file inclusion vulnerabilities in Tera Charts tera-charts plugin 0.1 for WordPress allow remote attackers to read arbitrary files via a .. dot dot in the fn parameter to 1 charts/treemap.php or 2 charts/zoomabletreemap.php. id: CVE-2014-4940 info: name: WordPress Plugin Tera Charts...
WordPress Power Charts plugin <= 0.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'id' Shortcode Attribute vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via 'id' Shortcode Attribute vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Power Charts versions = 0.1.0...
CVE-2025-11820
The Graphina – Elementor Charts and Graphs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple chart widgets in all versions up to, and including, 3.1.8 due to insufficient input sanitization and output escaping on data attributes. This makes it possible for authenticat...
EUVD-2025-4839
Malicious code in bioql PyPI...
CVE-2025-58797
CVE-2025-58797 affects the Ninja Charts WordPress plugin (versions up to and including 3.3.2). The issue is Exposure of Sensitive System Information to an Unauthorized Control Sphere, enabling retrieval of embedded sensitive data. Public advisories and vendor/community sources corroborate that up...
WordPress Ninja Charts plugin <= 3.3.5 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Hiro Code016Hiro in WordPress Plugin Ninja Charts versions = 3.3.5...
CVE-2025-8867
CVE-2025-8867 (Graphina – Elementor Charts and Graphs) is a Stored Cross-Site Scripting vulnerability in WordPress Graphina plugin versions
CVE-2023-5062
The WordPress Charts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'wpcharts' shortcode in versions up to, and including, 0.7.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...
CVE-2014-4940
Multiple directory traversal vulnerabilities in Tera Charts tera-charts plugin 0.1 for WordPress allow remote attackers to read arbitrary files via a .. dot dot in the fn parameter to 1 charts/treemap.php or 2 charts/zoomabletreemap.php...
CVE-2025-26893 WordPress Easy Charts plugin <= 1.2.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kiran Potphode Easy Charts easy-charts allows DOM-Based XSS.This issue affects Easy Charts: from n/a through = 1.2.3...
CVE-2025-26893 WordPress Easy Charts plugin <= 1.2.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kiran Potphode Easy Charts easy-charts allows DOM-Based XSS.This issue affects Easy Charts: from n/a through = 1.2.3...
CVE-2024-13581
The Simple Charts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'simplechart' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-13581
The Simple Charts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'simplechart' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-13581
CVE-2024-13581 refers to a stored XSS in the Simple Charts WordPress plugin. The connected Wordfence entry confirms the vulnerability exists in the Simple Charts plugin via the simple_chart shortcode, caused by insufficient input sanitization and output escaping of user-supplied shortcode attribu...
CVE-2024-13581 Simple Charts <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Simple Charts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'simplechart' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-13581 Simple Charts <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Simple Charts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'simplechart' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2023-5062
The WordPress Charts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'wpcharts' shortcode in versions up to, and including, 0.7.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...
CVE-2023-5062
CVE-2023-5062 affects the WordPress Charts plugin for WordPress. The vulnerability is a stored XSS in the wp_charts shortcode present in versions up to 0.7.0, caused by insufficient input sanitization and output escaping on user-supplied shortcode attributes. Exploitation requires authenticated a...
CVE-2023-5062 WordPress Charts <= 0.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The WordPress Charts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'wpcharts' shortcode in versions up to, and including, 0.7.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...
CVE-2023-5062 WordPress Charts <= 0.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The WordPress Charts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'wpcharts' shortcode in versions up to, and including, 0.7.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...