18 matches found
EUVD-2023-27814
Malicious code in bioql PyPI...
EUVD-2025-11323
Malicious code in bioql PyPI...
CVE-2023-23728
Auth. contributor+ Cross-Site Scripting XSS vulnerability in Winwar Media WP Flipclock plugin = 1.7.4 versions...
CVE-2025-39540
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rhys Wynne WP Flipclock wp-flipclock allows DOM-Based XSS.This issue affects WP Flipclock: from n/a through = 1.9.1...
WordPress WP Flipclock plugin <= 1.9.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by theviper17 in WordPress Plugin WP Flipclock versions = 1.9.1...
CVE-2025-39540
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rhys Wynne WP Flipclock wp-flipclock allows DOM-Based XSS.This issue affects WP Flipclock: from n/a through = 1.9.1...
CVE-2025-39540
CVE-2025-39540 refers to a Cross-Site Scripting (DOM-based) vulnerability in the WordPress plugin WP Flipclock. Public records specify the issue affects WP Flipclock versions up to 1.9.x (1.9.1 cited in patches) and is caused by improper input neutralization during web page generation. Exploitati...
CVE-2025-39540 WordPress WP Flipclock plugin <= 1.9 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rhys Wynne WP Flipclock allows DOM-Based XSS. This issue affects WP Flipclock: from n/a through 1.9...
WordPress plugin WP Flipclock 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A cross-site...
PT-2025-16642 · WordPress · Wp Flipclock
Name of the Vulnerable Software and Affected Versions: WP Flipclock versions 1.9 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows DOM-Based XSS. This means that an attacker can inject...
CVE-2023-23728
Auth. contributor+ Cross-Site Scripting XSS vulnerability in Winwar Media WP Flipclock plugin = 1.7.4 versions...
CVE-2023-23728
Auth. contributor+ Cross-Site Scripting XSS vulnerability in Winwar Media WP Flipclock plugin = 1.7.4 versions...
Cross site scripting
Auth. contributor+ Cross-Site Scripting XSS vulnerability in Winwar Media WP Flipclock plugin = 1.7.4 versions...
CVE-2023-23728
CVE-2023-23728 affects WordPress WP Flipclock plugin up to version 1.7.4. The root cause is insufficient sanitization/escaping in parameters, enabling a stored XSS that can be triggered by users with Contributor privileges (and higher). Remediation: update to version 1.8 or apply vendor fixes. Ex...
CVE-2023-23728 WordPress WP Flipclock Plugin <= 1.7.4 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Cross-Site Scripting XSS vulnerability in Winwar Media WP Flipclock plugin = 1.7.4 versions...
WordPress Plugin WP Flipclock 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress WP Flipclock Plugin <= 1.7.4 is vulnerable to Cross Site Scripting (XSS)
Software WP Flipclock Type Plugin Vulnerable versions = 1.7.4 Fixed in 1.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23728 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 58cef07d9ef3 Credits yuyudhn Required privilege...
WP Flipclock < 1.8 - Contributor+ Stored XSS
The plugin does not sanitise and escape some parameters, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks...