EUVD-2022-24602

Malicious code in bioql PyPI...

EUVD-2025-5380

Malicious code in bioql PyPI...

CVE-2022-2775

The Fast Flow WordPress plugin before 1.2.13 does not sanitise and escape some of its Widget settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2022-1269

The Fast Flow WordPress plugin before 1.2.12 does not sanitise and escape the page parameter before outputting back in an attribute in an admin dashboard, leading to a Reflected Cross-Site Scripting...

CVE-2025-26868

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fastflow Fast Flow fast-flow-dashboard allows Reflected XSS.This issue affects Fast Flow: from n/a through = 1.2.16...

CVE-2025-26868

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fastflow Fast Flow fast-flow-dashboard allows Reflected XSS.This issue affects Fast Flow: from n/a through = 1.2.16...

CVE-2025-26868 WordPress Fast Flow plugin <= 1.2.16 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fastflow Fast Flow fast-flow-dashboard allows Reflected XSS.This issue affects Fast Flow: from n/a through = 1.2.16...

CVE-2025-26868 WordPress Fast Flow plugin <= 1.2.16 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fastflow Fast Flow fast-flow-dashboard allows Reflected XSS.This issue affects Fast Flow: from n/a through = 1.2.16...

CVE-2025-26868

CVE-2025-26868 refers to a reflected XSS in the WordPress plugin Fast Flow (Fast Flow). Connected sources confirm the flaw is caused by improper neutralization of input during web page generation, enabling reflected cross-site scripting. Affected are Fast Flow versions up to 1.2.16. The vulnerabi...

PT-2025-7829 · Fast Flow · Fast Flow

Name of the Vulnerable Software and Affected Versions: Fast Flow versions 1.2.16 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Reflected XSS attacks. Recommendations: For versions...

WordPress plugin Fast Flow 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Fast Flow plugin <= 1.2.16 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin Fast Flow versions = 1.2.16...

CVE-2022-2775

The Fast Flow WordPress plugin before 1.2.13 does not sanitise and escape some of its Widget settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2022-2775

The Fast Flow WordPress plugin before 1.2.13 does not sanitise and escape some of its Widget settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2022-2775

The CVE-2022-2775 entry concerns the Fast Flow WordPress plugin, affected versions prior to 1.2.13. The root cause is inadequate sanitization/escaping of widget settings, enabling Stored Cross-Site Scripting (XSS) by high-privilege users (e.g., admins) even when unfiltered_html is disallowed, inc...

CVE-2022-2775 Fast Flow < 1.2.13 - Admin+ Stored Cross-Site Scripting

The Fast Flow WordPress plugin before 1.2.13 does not sanitise and escape some of its Widget settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

PT-2022-18573 · WordPress · Fast Flow Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: Fast Flow WordPress plugin versions prior to 1.2.13 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, for example in...

WordPress plugin Fast Flow 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

Fast Flow < 1.2.12 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape some parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting ' https://example.com/wp-admin/admin.php?page=fast-flow&p="...

WordPress Fast Flow Plugin <= 1.2.11 - Reflected Stored Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by p7e4 in Fast Flow plugin versions = 1.2.11 Solution Update the WordPress Fast Flow plugin to the latest available version at least 1.2.12...