100 matches found
PT-2025-21707 · WordPress · Quanticalabs Css3 Compare Pricing Tables
Name of the Vulnerable Software and Affected Versions: QuanticaLabs CSS3 Compare Pricing Tables for WordPress versions n/a through 11.5 Description: The issue is related to a Missing Authorization vulnerability, allowing the exploitation of incorrectly configured access control security levels...
WordPress plugin CSS3 Tooltips for WordPress 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress plugin CSS3 Accordions for WordPress 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
PT-2025-21680 · WordPress · Css3 Accordions
Name of the Vulnerable Software and Affected Versions: CSS3 Accordions for WordPress versions 3.0 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web...
CVE-2025-26589
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cristopher Dino IE CSS3 Support ie-css3-support allows Reflected XSS.This issue affects IE CSS3 Support: from n/a through = 2.0.1...
CVE-2025-26589
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cristopher Dino IE CSS3 Support ie-css3-support allows Reflected XSS.This issue affects IE CSS3 Support: from n/a through = 2.0.1...
CVE-2025-26589
CVE-2025-26589 concerns the WordPress plugin IE CSS3 Support (
CVE-2025-26589 WordPress IE CSS3 Support Plugin <= 2.0.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cristopher Dino IE CSS3 Support ie-css3-support allows Reflected XSS.This issue affects IE CSS3 Support: from n/a through = 2.0.1...
CVE-2025-26589 WordPress IE CSS3 Support Plugin <= 2.0.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cristopher Dino IE CSS3 Support ie-css3-support allows Reflected XSS.This issue affects IE CSS3 Support: from n/a through = 2.0.1...
WordPress plugin IE CSS3 Support 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerability...
WordPress IE CSS3 Support Plugin <= 2.0.1 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin IE CSS3 Support versions = 2.0.1...
Fedora: Security Advisory for golang-github-tdewolff-minify (FEDORA-2024-0d4d9925a2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2024-c3e32c5635)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 38 Update: golang-github-tdewolff-minify-2.20.18-1.fc38
Minify is a minifier package written in Go. It provides HTML5, CSS3, JS, JSON, SVG and XML minifiers and an interface to implement any other minifier. Minification is the process of removing bytes from a file such as whitespace without changing its output and therefore shrinking its size and...
[SECURITY] Fedora 39 Update: golang-github-tdewolff-minify-2.20.18-1.fc39
Minify is a minifier package written in Go. It provides HTML5, CSS3, JS, JSON, SVG and XML minifiers and an interface to implement any other minifier. Minification is the process of removing bytes from a file such as whitespace without changing its output and therefore shrinking its size and...
SUSE CVE-2007-0779
GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a large, transparent, custom...
SUSE CVE-2009-1710
WebKit in Apple Safari before 4.0 allows remote attackers to spoof the browser's display of 1 the host name, 2 security indicators, and unspecified other UI elements via a custom cursor in conjunction with a modified CSS3 hotspot property...
[SECURITY] Fedora 36 Update: rubygem-nokogiri-1.13.10-1.fc36
Nokogiri parses and searches XML/HTML very quickly, and also has correctly implemented CSS3 selector support as well as XPath support. Nokogiri also features an Hpricot compatibility layer to help ease the change to using correct CSS and XPath...
[SECURITY] Fedora 37 Update: rubygem-nokogiri-1.13.10-1.fc37
Nokogiri parses and searches XML/HTML very quickly, and also has correctly implemented CSS3 selector support as well as XPath support. Nokogiri also features an Hpricot compatibility layer to help ease the change to using correct CSS and XPath...
Cross site scripting
The Image Hover Effects Css3 WordPress plugin through 4.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...