10 matches found
WordPress dbview plugin cross-site scripting vulnerability
WordPress dbview plugin is a plugin for database query and display , developed by John Akers. The plugin through AJAX technology to achieve real-time query and dynamic display of database data , support for the direct execution of SQL statements and visual presentation of the results . WordPress...
EUVD-2025-31685
Malicious code in bioql PyPI...
CVE-2025-10182
The dbview plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'dbview' shortcode in all versions up to, and including, 0.5.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...
CVE-2025-10182
The dbview plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'dbview' shortcode in all versions up to, and including, 0.5.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...
CVE-2025-10182 dbview <= 0.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
The dbview plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'dbview' shortcode in all versions up to, and including, 0.5.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...
CVE-2025-10182
CVE-2025-10182: WordPress dbview plugin variants up to 0.5.5 exposed a Stored Cross-Site Scripting vulnerability in the dbview shortcode due to insufficient input sanitization and output escaping. Authenticated attackers with contributor-level access or higher can inject scripts that run when use...
CVE-2025-10182 dbview <= 0.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
The dbview plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'dbview' shortcode in all versions up to, and including, 0.5.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...
WordPress plugin dbview 跨站脚本漏洞
WordPress dbview plugin is a plugin for database query and display , developed by John Akers. The plugin through AJAX technology to achieve real-time query and dynamic display of database data , support for the direct execution of SQL statements and visual presentation of the results . WordPress...
PT-2025-39934
Name of the Vulnerable Software and Affected Versions dbview plugin for WordPress versions prior to 0.5.6 Description The dbview plugin for WordPress is susceptible to Stored Cross-Site Scripting through the 'dbview' shortcode. Insufficient input sanitization and output escaping on user-supplied...
WordPress dbview plugin <= 0.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin dbview versions = 0.5.5...