Malicious code in markdown-it-embed (npm)

The package markdown-it-embed was found to contain malicious code...

MAL-2025-8963 Malicious code in @malware-test-stilt-norks-embed-cnida/test-mlw3-stilt-norks-embed-cnida (npm)

The package @malware-test-stilt-norks-embed-cnida/test-mlw3-stilt-norks-embed-cnida was found to contain malicious code...

CVE-2025-49061

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in perteus Porn Videos Embed porn-videos-embed allows Stored XSS.This issue affects Porn Videos Embed: from n/a through = 0.9.1...

CVE-2025-49061 WordPress Porn Videos Embed plugin <= 0.9.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in perteus Porn Videos Embed allows Stored XSS. This issue affects Porn Videos Embed: from n/a through 0.9.1...

CVE-2025-49061 WordPress Porn Videos Embed plugin <= 0.9.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in perteus Porn Videos Embed porn-videos-embed allows Stored XSS.This issue affects Porn Videos Embed: from n/a through = 0.9.1...

CVE-2025-49061

CVE-2025-49061 is a stored XSS vulnerability in the WordPress plugin “Porn Videos Embed” (versions n/a through 0.9.1). The issue arises from improper input neutralization during web page generation, enabling stored cross-site scripting. Affected software: Porn Videos Embed (WordPress plugin)

PT-2025-33190 · Unknown · Porn Videos Embed

Name of the Vulnerable Software and Affected Versions: Porn Videos Embed versions n/a through 0.9.1 Description: The software contains an improper neutralization of input during web page generation, which allows for stored cross-site scripting XSS. Recommendations: At the moment, there is no...

WordPress plugin Porn Videos Embed 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

Session Fixation

Overview org.apache.tomcat.embed:tomcat-embed-core is a Core Tomcat implementation. Affected versions of this package are vulnerable to Session Fixation via the rewrite valve if enabled for a web application. An attacker can gain unauthorized access to another user's session by crafting a request...

Malicious code in @seznam-diskuze/embed (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 03c95e188163b615484b4882358ea8d4a9411661fa3bb701052fd608c8f6c4b7 The OpenSSF Package Analysis project identified '@seznam-diskuze/embed' @ 100.2.0 npm as malicious. It is considered malicious because: - The...

MAL-2025-6828 Malicious code in @seznam-diskuze/embed (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 03c95e188163b615484b4882358ea8d4a9411661fa3bb701052fd608c8f6c4b7 The OpenSSF Package Analysis project identified '@seznam-diskuze/embed' @ 100.2.0 npm as malicious. It is considered malicious because: - The...

firefox: thunderbird: javascript: URLs executed on object and embed tags

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Firefox executed javascript: URLs when used in object and embed tags...

WordPress esri-map-view cross-site scripting vulnerability

WordPress esri-map-view is used to embed Esri/ArcGIS maps or scenes in websites. The plugin realizes map display through short code, supports selecting base map, setting initial view angle, adding custom layers, pop-up information window and other functions, and can embed preconfigured web maps o...

Linux Distros Unpatched Vulnerability : CVE-2024-10458

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A permission leak could have occurred from a trusted site to an untrusted site via embed or object elements. This vulnerability affects Firefox 132, Firefox ESR...

firefox: thunderbird: javascript: URLs executed on object and embed tags

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Firefox executed javascript: URLs when used in object and embed tags...

firefox: thunderbird: javascript: URLs executed on object and embed tags

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Firefox executed javascript: URLs when used in object and embed tags...

firefox: thunderbird: javascript: URLs executed on object and embed tags

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Firefox executed javascript: URLs when used in object and embed tags...

firefox: thunderbird: javascript: URLs executed on object and embed tags

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Firefox executed javascript: URLs when used in object and embed tags...

firefox: thunderbird: javascript: URLs executed on object and embed tags

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Firefox executed javascript: URLs when used in object and embed tags...

firefox: thunderbird: javascript: URLs executed on object and embed tags

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Firefox executed javascript: URLs when used in object and embed tags...