26 matches found
EUVD-2025-4063
Malicious code in bioql PyPI...
EUVD-2025-25357
Malicious code in bioql PyPI...
EUVD-2025-26014
Malicious code in bioql PyPI...
CVE-2025-48365
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in imaprogrammer Custom Comment customcomment allows Stored XSS.This issue affects Custom Comment: from n/a through = 2.1.6...
CVE-2025-48365
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in imaprogrammer Custom Comment customcomment allows Stored XSS.This issue affects Custom Comment: from n/a through = 2.1.6...
CVE-2025-48365
CVE-2025-48365 describes a stored XSS in the WordPress plugin “Custom Comment” (imaprogrammer Custom Comment) affecting versions from n/a through 2.1.6. The root cause is improper input neutralization during web page generation, enabling stored Cross‑Site Scripting. Public sources in the Connecte...
CVE-2025-48365 WordPress Custom Comment plugin <= 2.1.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in imaprogrammer Custom Comment allows Stored XSS. This issue affects Custom Comment: from n/a through 2.1.6...
CVE-2025-48365 WordPress Custom Comment plugin <= 2.1.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in imaprogrammer Custom Comment customcomment allows Stored XSS.This issue affects Custom Comment: from n/a through = 2.1.6...
WordPress plugin Custom Comment 跨站脚本漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-35033
Name of the Vulnerable Software and Affected Versions: imaprogrammer Custom Comment versions through 2.1.6 Description: The software contains an Improper Neutralization of Input During Web Page Generation issue, which allows for Stored Cross-site Scripting XSS. Recommendations: Update imaprogramm...
CVE-2025-49889
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Edge-Themes Edge CPT edge-cpt allows PHP Local File Inclusion.This issue affects Edge CPT: from n/a through = 1.4...
CVE-2025-49889
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Edge-Themes Edge CPT edge-cpt allows PHP Local File Inclusion.This issue affects Edge CPT: from n/a through = 1.4...
CVE-2025-49889
Edge CPT Edge-Themes Edge CPT edge-cpt for WordPress has a Local File Inclusion due to improper control of the filename in Include/Require, affecting Edge CPT versions up to and including 1.4. CVE-2025-49889. The Red Hat entry corroborates the vulnerability description and affected versions. No p...
CVE-2025-49889 WordPress Edge CPT plugin <= 1.4 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Edge-Themes Edge CPT edge-cpt allows PHP Local File Inclusion.This issue affects Edge CPT: from n/a through = 1.4...
CVE-2025-49889 WordPress Custom Comment plugin <= 2.1.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in imaprogrammer Custom Comment allows Stored XSS. This issue affects Custom Comment: from n/a through 2.1.6...
WordPress Custom Comment plugin <= 2.1.6 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Nabil Irawan Patchstack Alliance in WordPress Plugin Custom Comment versions = 2.1.6...
PT-2025-33957 · Unknown · Imaprogrammer Custom Comment
Name of the Vulnerable Software and Affected Versions: imaprogrammer Custom Comment versions through 2.1.6 Description: This issue involves improper neutralization of input during web page generation, leading to a stored cross-site scripting XSS condition. This allows for the injection of malicio...
WordPress plugin Custom Comment 跨站脚本漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists i...
WordPress Custom Comment plugin <= 2.1.6 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Nabil Irawan Patchstack Alliance in WordPress Plugin Custom Comment versions = 2.1.6...
CVE-2025-25154
Cross-Site Request Forgery CSRF vulnerability in scweber Custom Comment Notifications custom-comment-notifications allows Stored XSS.This issue affects Custom Comment Notifications: from n/a through = 1.0.8...