24 matches found
WordPress Donation Thermometer plugin cross-site scripting vulnerability
The WordPress Donation Thermometer plugin is a plugin for WordPress sites that visualizes the progress of donations by displaying a progress bar usually like a thermometer. The WordPress Donation Thermometer plugin suffers from a cross-site scripting vulnerability that stems from the application'...
CVE-2025-67550
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rhewlif Donation Thermometer donation-thermometer allows Stored XSS.This issue affects Donation Thermometer: from n/a through = 2.2.6...
EUVD-2025-202096
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rhewlif Donation Thermometer donation-thermometer allows Stored XSS.This issue affects Donation Thermometer: from n/a through = 2.2.6...
CVE-2025-67550
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rhewlif Donation Thermometer donation-thermometer allows Stored XSS.This issue affects Donation Thermometer: from n/a through = 2.2.6...
CVE-2025-67550 WordPress Donation Thermometer plugin <= 2.2.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rhewlif Donation Thermometer donation-thermometer allows Stored XSS.This issue affects Donation Thermometer: from n/a through = 2.2.6...
CVE-2025-67550
CVE-2025-67550 is a Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Donation Thermometer (donation-thermometer). The issue allows stored XSS due to improper input neutralization during web page generation, affecting the plugin versions
CVE-2025-67550 WordPress Donation Thermometer plugin <= 2.2.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rhewlif Donation Thermometer donation-thermometer allows Stored XSS.This issue affects Donation Thermometer: from n/a through = 2.2.6...
WordPress plugin Donation Thermometer 跨站脚本漏洞
The WordPress Donation Thermometer plugin is a plugin for WordPress sites that visualizes the progress of donations by displaying a progress bar usually like a thermometer. The WordPress Donation Thermometer plugin suffers from a cross-site scripting vulnerability that stems from the application'...
PT-2025-49924
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rhewlif Donation Thermometer donation-thermometer allows Stored XSS.This issue affects Donation Thermometer: from n/a through = 2.2.6...
WordPress Donation Thermometer plugin <= 2.2.6 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Donation Thermometer versions = 2.2.6...
EUVD-2022-42555
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-3128
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Donation Thermometer WordPress plugin before 2.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin t...
CVE-2022-3128
The Donation Thermometer WordPress plugin before 2.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-3128
The Donation Thermometer WordPress plugin before 2.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-3128
The Donation Thermometer WordPress plugin before 2.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-3128
The Donation Thermometer WordPress plugin before 2.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
Cross site scripting
The Donation Thermometer WordPress plugin before 2.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-3128
The Donation Thermometer WordPress plugin before 2.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-3128
The CVE-2022-3128 entry concerns the Donation Thermometer WordPress plugin (versions before 2.1.3). The vulnerability arises because certain plugin settings are not properly sanitized/escaped, enabling Stored Cross-Site Scripting (XSS) by highly privileged users (e.g., administrators), even when ...
CVE-2022-3128 Donation Thermometer < 2.1.3 - Admin+ Stored Cross-Site Scripting
The Donation Thermometer WordPress plugin before 2.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...