4 matches found
WordPress 15Zine <3.3.0 - Cross-Site Scripting
WordPress 15Zine before 3.3.0 is vulnerable to reflected cross-site scripting because the theme does not sanitize the cbi parameter before including it in the HTTP response via the cbsa AJAX action. id: CVE-2020-36510 info: name: WordPress 15Zine 3.3.0 - Cross-Site Scripting author: veshraj...
CVE-2026-23544
Deserialization of Untrusted Data vulnerability in codetipi Valenti valenti allows Object Injection.This issue affects Valenti: from n/a through = 5.6.3.5...
CVE-2026-23544
Deserialization of Untrusted Data vulnerability in codetipi Valenti valenti allows Object Injection.This issue affects Valenti: from n/a through = 5.6.3.5...
PT-2025-54398
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in codetipi Valenti Engine allows DOM-Based XSS.This issue affects Valenti Engine: from n/a through 1.0.3...