EUVD-2024-45463

Malicious code in bioql PyPI...

EUVD-2025-7860

Malicious code in bioql PyPI...

CVE-2025-28905

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Chaser324 Featured Posts Grid featured-posts-grid allows Stored XSS.This issue affects Featured Posts Grid: from n/a through = 1.7...

CVE-2025-28905

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Chaser324 Featured Posts Grid featured-posts-grid allows Stored XSS.This issue affects Featured Posts Grid: from n/a through = 1.7...

CVE-2025-28905

CVE-2025-28905 relates to the WordPress plugin Featured Posts Grid (versions at or below 1.7). The connected docs confirm an improper handling of input during web page generation, enabling a CSRF to Stored XSS chain. The CVSS 3.1 base metrics (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L) indicate network...

CVE-2024-51647

Cross-Site Request Forgery CSRF vulnerability in Chaser324 Featured Posts Scroll allows Stored XSS.This issue affects Featured Posts Scroll: from n/a through 1.25...

CVE-2024-51647

Cross-Site Request Forgery CSRF vulnerability in Chaser324 Featured Posts Scroll allows Stored XSS.This issue affects Featured Posts Scroll: from n/a through 1.25...

CVE-2024-51647

The CVE-2024-51647 entry concerns the WordPress Featured Posts Scroll plugin, versions 1.25 and earlier. The vulnerability is CSRF that enables Stored XSS within the plugin. PT-2024-34791 provides a practical note: a CSRF flaw allows stored XSS; workaround recommendations include disabling exploi...

PT-2024-34791 · Unknown · Chaser324 Featured Posts Scroll

Name of the Vulnerable Software and Affected Versions: Chaser324 Featured Posts Scroll versions 1.25 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web...