CVE-2026-8423 JaviBola Custom Theme Test <= 2.0.5 - Cross-Site Request Forgery

The JaviBola Custom Theme Test plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.5. This is due to missing or incorrect nonce validation on the options page. This makes it possible for unauthenticated attackers to change the site's active...

WordPress plugin JaviBola Custom Theme Test 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

WordPress JaviBola Custom Theme Test plugin <= 2.0.5 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin JaviBola Custom Theme Test versions = 2.0.5...

MAL-2026-2023 Malicious code in @mesh-components/customthemeprovider (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20b2e29319a8cb96867858b20a43a684624167dc62c186de47de7e7e7e8c8a2a The package @mesh-components/customthemeprovider was found to contain malicious code. Source: ossf-package-analysis...

EUVD-2011-3815

Malware in sbrugna...

EUVD-2023-41887

Malicious code in bioql PyPI...

CVE-2023-38061

In JetBrains TeamCity before 2023.05.1 stored XSS when using a custom theme was possible...

CVE-2011-3858

Cross-site scripting XSS vulnerability in the Pixiv Custom theme before 2.1.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter...

CVE-2023-6880

The Visual Composer Website Builder, Landing Page Builder, Custom Theme Builder, Maintenance Mode & Coming Soon Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's custom fields in all versions up to, and including, 45.6.0 due to insufficient input sanitizatio...

CVE-2023-38061

In JetBrains TeamCity before 2023.05.1 stored XSS when using a custom theme was possible...

CVE-2023-38061

In JetBrains TeamCity before 2023.05.1 stored XSS when using a custom theme was possible...

Cross site scripting

In JetBrains TeamCity before 2023.05.1 stored XSS when using a custom theme was possible...

CVE-2023-38061

In JetBrains TeamCity before 2023.05.1 stored XSS when using a custom theme was possible...

CVE-2023-38061

In JetBrains TeamCity before 2023.05.1 stored XSS when using a custom theme was possible...

JetBrains TeamCity 跨站脚本漏洞

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. A cross-site scripting vulnerability exists in...

How to Customize Gateway Login Page Labels for Custom Theme when nFactor Login Schema is enabled

This article helps you customize gateway login page labels such as username/password field labels for custom theme when you are using nfactor authentication...

How to Create Custom Theme for Logon Page of NetScaler Gateway 10.1 and 10.5

This article describes how to create custom theme for logon page of NetScaler Gateway virtual server...

Ngrev - Tool For Reverse Engineering Of Angular Applications

Graphical tool for reverse engineering of Angular projects. It allows you to navigate in the structure of your application and observe the relationship between the different modules, providers, and directives. The tool performs static code analysis which means that you don't have to run your...

WordPress Custom Community Theme <= 2.0.24 - Stored XSS

Because of this vulnerability, any user can perform a stored XSS attack. Solution Update the theme...

WordPress Pixiv Custom Theme 2.1.5 - Cross Site Scripting

WordPress Pixiv Custom theme's "cpage" parameter is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can steal...