18 matches found
CVE-2026-40103
Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, Vikunja's scoped API token enforcement for custom project background routes is method-confused. A token with only projects.background can successfully delete a project background, while a token with only...
CVE-2025-62125
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Anshul Gangrade Custom Background Changer custom-background-changer allows Stored XSS.This issue affects Custom Background Changer: from n/a through = 3.0...
CVE-2025-62125
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Anshul Gangrade Custom Background Changer custom-background-changer allows Stored XSS.This issue affects Custom Background Changer: from n/a through = 3.0...
CVE-2025-62125 WordPress Custom Background Changer plugin <= 3.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Anshul Gangrade Custom Background Changer custom-background-changer allows Stored XSS.This issue affects Custom Background Changer: from n/a through = 3.0...
CVE-2025-62125 WordPress Custom Background Changer plugin <= 3.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Anshul Gangrade Custom Background Changer custom-background-changer allows Stored XSS.This issue affects Custom Background Changer: from n/a through 3.0...
EUVD-2025-205972
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Anshul Gangrade Custom Background Changer custom-background-changer allows Stored XSS.This issue affects Custom Background Changer: from n/a through 3.0...
CVE-2025-62125
CVE-2025-62125 is a stored XSS in the Custom Background Changer WordPress plugin (
WordPress plugin Custom Background Changer 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-54320
Name of the Vulnerable Software and Affected Versions Anshul Gangrade Custom Background Changer versions through 3.0 Description The software contains a flaw related to improper handling of user-supplied data when creating web pages, potentially leading to Cross-site Scripting XSS. This allows fo...
CS Money: Bypass restrict of member subscription to use custom background in https://3d.cs.money without prime subscription
Summary: In website https://3d.cs.money you need to subscribe prime to have a custom background for skin F999661 But with this vulnerability, we can use custom background without any fee required Steps To Reproduce: add details for how we can reproduce the issue - Grab a build of skin - Save it...
Fedora 27 : php-horde-horde (2018-1de045298c)
Horde 5.2.20 - mjr SECURITY: Fix XSS vulnerability when rendering custom background colors in a sidebar row Bug 14857. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and...
felici - Custom Background Shell Upload
The felici WordPress theme was affected by a Custom Background Shell Upload security vulnerability...
appius - Custom Background Shell Upload
The appius WordPress theme was affected by a Custom Background Shell Upload security vulnerability...
Shotzz - Custom Background Shell Upload
The shotzz WordPress theme was affected by a Custom Background Shell Upload security vulnerability...
dagda - Custom Background Shell Upload
The dagda WordPress theme was affected by a Custom Background Shell Upload security vulnerability...
WordPress Felici / Custom Background Shell Upload
Exploit Title : WordPress Felici Shell Upload Google Dork : inurl:"/wp-content/themes/felici/" Date : 23-03-2014 Exploit Author : CaFc Versace Vendor Homepage : http://wordpressnull.com/themeforest-felici-v1-7-wordpress-magazine-theme/ Tested on : Windows 7 Contact : [email protected],...
WordPress Vithy / Appius / Dagda / Vector / Shotzz Shell Upload
Exploit Title : WordPress Custom Background Shell Upload Google Dork : inurl:"/wp-content/plugins/custom-background/" Date : 23-03-2014 Exploit Author : CaFc Versace Tested on : Windows 7 Contact : [email protected], [email protected] Prooft:...
Wordpress custom-background plugin file upload vulnerability
Exploit for php platform in category web applications +----------------------------------------------------------------------+ Exploit Title: wordpress custom-background plugin file upload vulnerability Google Dork: inurl:/wp-content/plugins/custom-background Date: 10/06/2012 Author: Tunisian...