161 matches found
WordPress BWL Advanced FAQ Manager Lite plugin <= 1.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'sbox_id' Shortcode Attribute vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via 'sboxid' Shortcode Attribute vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin BWL Advanced FAQ Manager Lite versions = 1.1.1...
CVE-2026-4075
CVE-2026-4075 : The BWL Advanced FAQ Manager Lite WordPress plugin is vulnerable to a Stored Cross-Site Scripting (XSS) via the baf_sbox shortcode in all versions up to 1.1.1. The issue arises from insufficient input sanitization and output escaping of user-supplied shortcode attributes (e.g., sb...
WordPress Advanced FAQ Manager plugin cross-site scripting vulnerability (CNVD-2025-3073485)
The WordPress Advanced FAQ Manager plugin is a plugin designed for WordPress websites to help users easily create, manage and display Frequently Asked Questions FAQ pages. The WordPress Advanced FAQ Manager plugin suffers from a cross-site scripting vulnerability that stems from the application's...
WordPress Advanced FAQ Manager plugin cross-site scripting vulnerability
The WordPress Advanced FAQ Manager plugin is a plugin designed for WordPress websites to help users easily create, manage and display Frequently Asked Questions FAQ pages. The WordPress Advanced FAQ Manager plugin suffers from a cross-site scripting vulnerability that stems from improper input...
CVE-2025-67553
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeHigh Advanced FAQ Manager advanced-faq-manager allows DOM-Based XSS.This issue affects Advanced FAQ Manager: from n/a through = 1.5.2...
CVE-2025-67556
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeHigh Advanced FAQ Manager advanced-faq-manager allows Stored XSS.This issue affects Advanced FAQ Manager: from n/a through = 1.5.2...
EUVD-2025-202090
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeHigh Advanced FAQ Manager advanced-faq-manager allows Stored XSS.This issue affects Advanced FAQ Manager: from n/a through = 1.5.2...
EUVD-2025-202093
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeHigh Advanced FAQ Manager advanced-faq-manager allows DOM-Based XSS.This issue affects Advanced FAQ Manager: from n/a through = 1.5.2...
CVE-2025-67556
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeHigh Advanced FAQ Manager advanced-faq-manager allows Stored XSS.This issue affects Advanced FAQ Manager: from n/a through = 1.5.2...
CVE-2025-67553
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeHigh Advanced FAQ Manager advanced-faq-manager allows DOM-Based XSS.This issue affects Advanced FAQ Manager: from n/a through = 1.5.2...
CVE-2025-67556
CVE-2025-67556 refers to a stored cross-site scripting (XSS) vulnerability in the WordPress plugin Advanced FAQ Manager (ThemeHigh) affecting versions
CVE-2025-67556 WordPress Advanced FAQ Manager plugin <= 1.5.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeHigh Advanced FAQ Manager advanced-faq-manager allows Stored XSS.This issue affects Advanced FAQ Manager: from n/a through = 1.5.2...
CVE-2025-67556 WordPress Advanced FAQ Manager plugin <= 1.5.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeHigh Advanced FAQ Manager advanced-faq-manager allows Stored XSS.This issue affects Advanced FAQ Manager: from n/a through = 1.5.2...
CVE-2025-67553
CVE-2025-67553 affects the WordPress Advanced FAQ Manager plugin (versions
CVE-2025-67553 WordPress Advanced FAQ Manager plugin <= 1.5.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeHigh Advanced FAQ Manager advanced-faq-manager allows DOM-Based XSS.This issue affects Advanced FAQ Manager: from n/a through = 1.5.2...
CVE-2025-67553 WordPress Advanced FAQ Manager plugin <= 1.5.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeHigh Advanced FAQ Manager advanced-faq-manager allows DOM-Based XSS.This issue affects Advanced FAQ Manager: from n/a through = 1.5.2...
PT-2025-49927
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeHigh Advanced FAQ Manager advanced-faq-manager allows DOM-Based XSS.This issue affects Advanced FAQ Manager: from n/a through = 1.5.2...
WordPress plugin Advanced FAQ Manager 跨站脚本漏洞
The WordPress Advanced FAQ Manager plugin is a plugin designed for WordPress websites to help users easily create, manage and display Frequently Asked Questions FAQ pages. The WordPress Advanced FAQ Manager plugin suffers from a cross-site scripting vulnerability that stems from improper input...
WordPress plugin Advanced FAQ Manager 跨站脚本漏洞
The WordPress Advanced FAQ Manager plugin is a plugin designed for WordPress websites to help users easily create, manage and display Frequently Asked Questions FAQ pages. The WordPress Advanced FAQ Manager plugin suffers from a cross-site scripting vulnerability that stems from the application's...
WordPress Advanced FAQ Manager plugin <= 1.5.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Nabil Irawan in WordPress Plugin Advanced FAQ Manager versions = 1.5.2...