CVE-2026-40927

Docmost is open-source collaborative wiki and documentation software. Prior to 0.80.0, when leaving a comment on a page, it is possible to include a JavaScript URI as the link. When a user clicks on the link the JavaScript executes. This vulnerability is fixed in 0.80.0...

CVE-2026-40927

CVE-2026-40927 — Docmost XSS in Comments : Docmost (open-source wiki) is affected prior to version 0.80.0. When leaving a page comment, a link can contain a JavaScript URI, and clicking it executes JS. The issue is fixed in 0.80.0. Impact and exploit specifics are documented as a cross-site scrip...

CVE-2026-40927 Docmost: XSS in Comments with JavaScript URI

Docmost is open-source collaborative wiki and documentation software. Prior to 0.80.0, when leaving a comment on a page, it is possible to include a JavaScript URI as the link. When a user clicks on the link the JavaScript executes. This vulnerability is fixed in 0.80.0...

WordPress Short Comment Filter plugin <= 2.2 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin Short Comment Filter versions = 2.2...

WWBN AVideo 跨站请求伪造漏洞

WWBN AVideo is a video platform building system written in PHP, developed by the WWBN team. Versions of WWBN AVideo prior to 29.0 contained a cross-site request forgeing vulnerability. This vulnerability stemmed from the objects/commentDelete.json.php file, which deleted comments without performi...

PT-2026-34199

Name of the Vulnerable Software and Affected Versions WWBN AVideo versions prior to 29.1 Description A state-mutating JSON endpoint 'objects/commentDelete.json.php' fails to perform Cross-Site Request Forgery CSRF validation. The endpoint does not utilize the forbidIfIsUntrustedRequest function,...

PT-2026-34179

Docmost is open-source collaborative wiki and documentation software. Prior to 0.80.0, when leaving a comment on a page, it is possible to include a JavaScript URI as the link. When a user clicks on the link the JavaScript executes. This vulnerability is fixed in 0.80.0...

ChurchCRM 安全漏洞

ChurchCRM is an open-source CRM system developed for churches. Versions of ChurchCRM prior to 7.2.0 contained security vulnerabilities. These vulnerabilities were caused by insufficient escaping of donation comment values by the Pledge Editor, which could lead to stored-xss attacks...

CVE-2026-40483 ChurchCRM: Stored XSS in PledgeEditor.php via Donation Comment Field

ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the Pledge Editor renders donation comment values directly into HTML input value attributes without escaping via htmlspecialchars. An authenticated user with Finance permissions can inject HTML attribute-breaking...

CVE-2026-40483

ChurchCRM prior to v7.2.0 is vulnerable to stored XSS via the Pledge Editor’s donation comment field, where unescaped input is placed into HTML input value attributes. An authenticated user with Finance permissions can inject attribute-breaking characters and event handlers, which are stored in t...

CVE-2026-40483 ChurchCRM: Stored XSS in PledgeEditor.php via Donation Comment Field

ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the Pledge Editor renders donation comment values directly into HTML input value attributes without escaping via htmlspecialchars. An authenticated user with Finance permissions can inject HTML attribute-breaking...

XML Injection

Overview Affected versions of this package are vulnerable to XML Injection in fxb.js, which does not properly handle closing delimiters for comment and CDATA values. The -- sequence in comment content and the sequence in CDATA sections can be coopted to close their respective sections early and...

XML Injection

Overview @xmldom/xmldom is a javascript ponyfill to provide the following APIs that are present in modern browsers to other runtimes. Since version 0.7.0 this package is published to npm as @xmldom/xmldom and no longer as xmldom Affected versions of this package are vulnerable to XML Injection du...

XML Injection

Overview xmldom is an A pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. Affected versions of this package are vulnerable to XML Injection due to unvalidated comment serialization. When an application uses the package to create an XML comment from...

XML Injection

Overview org.webjars.npm:xmldom is an A pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. Affected versions of this package are vulnerable to XML Injection due to unvalidated comment serialization. When an application uses the package to create an XML...

CVE-2026-4032

CodeColorer for WordPress is affected by a stored cross-site scripting vulnerability in the cc shortcode’s class attribute, affecting versions up to and including 0.10.1 due to insufficient input sanitization and output escaping. Exploitation requires comments to be enabled on the target post and...

WordPress plugin CodeColorer 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

Cross-site Request Forgery (CSRF)

Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF through the commentDelete.json.php endpoint, which lacks proper validation of request origin and does not require a CSRF token. An...

WWBN AVideo is missing CSRF protection in objects/commentDelete.json.php enables mass comment deletion against moderators and content creators

Summary objects/commentDelete.json.php is a state-mutating JSON endpoint that deletes comments but performs no CSRF validation. It does not call forbidIfIsUntrustedRequest, does not verify a CSRF/global token, and does not check Origin/Referer. Because AVideo intentionally sets...

GHSA-8QM8-G55H-XMQR WWBN AVideo is missing CSRF protection in objects/commentDelete.json.php enables mass comment deletion against moderators and content creators

Summary objects/commentDelete.json.php is a state-mutating JSON endpoint that deletes comments but performs no CSRF validation. It does not call forbidIfIsUntrustedRequest, does not verify a CSRF/global token, and does not check Origin/Referer. Because AVideo intentionally sets...