928 matches found
CVE-2025-58033
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in leeshadle Draft website-builder allows Stored XSS.This issue affects Draft: from n/a through = 3.0.9...
WordPress Draft Plugin <= 3.0.9 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin Draft versions = 3.0.9...
CVE-2025-58033 WordPress Draft Plugin <= 3.0.9 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in leeshadle Draft website-builder allows Stored XSS.This issue affects Draft: from n/a through = 3.0.9...
CVE-2025-58033 WordPress Draft Plugin <= 3.0.9 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in leeshadle Draft website-builder allows Stored XSS.This issue affects Draft: from n/a through = 3.0.9...
CVE-2025-58033
Technical details about CVE-2025-58033 are not provided in the supplied documents; no affected versions, exploits, or remediation specifics are present. Monitor for updates from vendors and advisories.
CVE-2025-10181
The Draft List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'drafts' shortcode in all versions up to, and including, 2.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers...
WordPress plugin Draft 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-38882
Name of the Vulnerable Software and Affected Versions leeshadle Draft versions through 3.0.9 Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a potential Cross-site Scripting XSS issue. This allows for the injection of...
CVE-2025-10181
The Draft List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'drafts' shortcode in all versions up to, and including, 2.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers...
CVE-2025-10181
The Draft List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'drafts' shortcode in all versions up to, and including, 2.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers...
CVE-2025-10181 Draft List <= 2.6 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Draft List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'drafts' shortcode in all versions up to, and including, 2.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers...
WordPress Draft List plugin <= 2.6 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Whyshealwaysbrokeme in WordPress Plugin Draft List versions = 2.6...
WordPress plugin Draft List 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
Linux Distros Unpatched Vulnerability : CVE-2021-32476
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A denial-of-service risk was identified in the draft files area, due to it not respecting user file upload limits. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6,...
Linux Distros Unpatched Vulnerability : CVE-2020-1767
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Agent A is able to save a draft i.e. for customer reply. Then Agent B can open the draft, change the text completely and send it in the name of Agent A. For the...
CVE-2025-7499
The BetterDocs – Advanced AI-Driven Documentation, FAQ & Knowledge Base Tool for Elementor & Gutenberg with Encyclopedia, AI Support, Instant Answers plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getresponse function in all versions up ...
CVE-2025-7499
The BetterDocs – Advanced AI-Driven Documentation, FAQ & Knowledge Base Tool for Elementor & Gutenberg with Encyclopedia, AI Support, Instant Answers plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getresponse function in all versions up ...
CVE-2025-7499 BetterDocs <= 4.1.1 - Missing Authorization to Private And Password-Protected Posts Information Disclosure
The BetterDocs – Advanced AI-Driven Documentation, FAQ & Knowledge Base Tool for Elementor & Gutenberg with Encyclopedia, AI Support, Instant Answers plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getresponse function in all versions up ...
CVE-2025-7499
The CVE-2025-7499 entry concerns the BetterDocs plugin for WordPress, with a missing capability check in the get_response function present in all versions up to 4.1.1. This allows unauthenticated attackers to access passwords for password-protected documents and metadata of private/draft document...
CVE-2025-7499 BetterDocs <= 4.1.1 - Missing Authorization to Private And Password-Protected Posts Information Disclosure
The BetterDocs – Advanced AI-Driven Documentation, FAQ & Knowledge Base Tool for Elementor & Gutenberg with Encyclopedia, AI Support, Instant Answers plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getresponse function in all versions up ...