26 matches found
EUVD-2025-4063
Malicious code in bioql PyPI...
EUVD-2025-26014
Malicious code in bioql PyPI...
EUVD-2025-25357
Malicious code in bioql PyPI...
CVE-2025-48365
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in imaprogrammer Custom Comment customcomment allows Stored XSS.This issue affects Custom Comment: from n/a through = 2.1.6...
CVE-2025-48365
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in imaprogrammer Custom Comment customcomment allows Stored XSS.This issue affects Custom Comment: from n/a through = 2.1.6...
CVE-2025-48365 WordPress Custom Comment plugin <= 2.1.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in imaprogrammer Custom Comment allows Stored XSS. This issue affects Custom Comment: from n/a through 2.1.6...
CVE-2025-48365 WordPress Custom Comment plugin <= 2.1.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in imaprogrammer Custom Comment customcomment allows Stored XSS.This issue affects Custom Comment: from n/a through = 2.1.6...
CVE-2025-48365
CVE-2025-48365 describes a stored XSS in the WordPress plugin “Custom Comment” (imaprogrammer Custom Comment) affecting versions from n/a through 2.1.6. The root cause is improper input neutralization during web page generation, enabling stored Cross‑Site Scripting. Public sources in the Connecte...
WordPress plugin Custom Comment 跨站脚本漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-35033
Name of the Vulnerable Software and Affected Versions: imaprogrammer Custom Comment versions through 2.1.6 Description: The software contains an Improper Neutralization of Input During Web Page Generation issue, which allows for Stored Cross-site Scripting XSS. Recommendations: Update imaprogramm...
CVE-2025-49889
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Edge-Themes Edge CPT edge-cpt allows PHP Local File Inclusion.This issue affects Edge CPT: from n/a through = 1.4...
CVE-2025-49889
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Edge-Themes Edge CPT edge-cpt allows PHP Local File Inclusion.This issue affects Edge CPT: from n/a through = 1.4...
CVE-2025-49889 WordPress Custom Comment plugin <= 2.1.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in imaprogrammer Custom Comment allows Stored XSS. This issue affects Custom Comment: from n/a through 2.1.6...
CVE-2025-49889 WordPress Edge CPT plugin <= 1.4 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Edge-Themes Edge CPT edge-cpt allows PHP Local File Inclusion.This issue affects Edge CPT: from n/a through = 1.4...
CVE-2025-49889
Edge CPT Edge-Themes Edge CPT edge-cpt for WordPress has a Local File Inclusion due to improper control of the filename in Include/Require, affecting Edge CPT versions up to and including 1.4. CVE-2025-49889. The Red Hat entry corroborates the vulnerability description and affected versions. No p...
WordPress Custom Comment plugin <= 2.1.6 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Nabil Irawan Patchstack Alliance in WordPress Plugin Custom Comment versions = 2.1.6...
WordPress plugin Custom Comment 跨站脚本漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists i...
PT-2025-33957 · Unknown · Imaprogrammer Custom Comment
Name of the Vulnerable Software and Affected Versions: imaprogrammer Custom Comment versions through 2.1.6 Description: This issue involves improper neutralization of input during web page generation, leading to a stored cross-site scripting XSS condition. This allows for the injection of malicio...
WordPress Custom Comment plugin <= 2.1.6 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Nabil Irawan Patchstack Alliance in WordPress Plugin Custom Comment versions = 2.1.6...
CVE-2025-25154
Cross-Site Request Forgery CSRF vulnerability in scweber Custom Comment Notifications custom-comment-notifications allows Stored XSS.This issue affects Custom Comment Notifications: from n/a through = 1.0.8...