21 matches found
EUVD-2024-46465
Malicious code in bioql PyPI...
EUVD-2025-3457
Malicious code in bioql PyPI...
CVE-2025-23827
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in straps Strx Magic Floating Sidebar Maker strx-magic-floating-sidebar-maker allows Stored XSS.This issue affects Strx Magic Floating Sidebar Maker: from n/a through = 1.4.1...
CVE-2025-23827
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in straps Strx Magic Floating Sidebar Maker strx-magic-floating-sidebar-maker allows Stored XSS.This issue affects Strx Magic Floating Sidebar Maker: from n/a through = 1.4.1...
CVE-2025-23827 WordPress Strx Magic Floating Sidebar Maker plugin <= 1.4.1 - CSRF to Stored XSS vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in straps Strx Magic Floating Sidebar Maker strx-magic-floating-sidebar-maker allows Stored XSS.This issue affects Strx Magic Floating Sidebar Maker: from n/a through = 1.4.1...
CVE-2025-23827
CVE-2025-23827 affects Strx Magic Floating Sidebar Maker (WordPress plugin). Description: Stored XSS due to improper neutralization of input during web page generation. Impact: stored Cross-Site Scripting via vulnerable input; affects Strx Magic Floating Sidebar Maker versions from n/a up to and ...
CVE-2025-23827 WordPress Strx Magic Floating Sidebar Maker plugin <= 1.4.1 - CSRF to Stored XSS vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in straps Strx Magic Floating Sidebar Maker strx-magic-floating-sidebar-maker allows Stored XSS.This issue affects Strx Magic Floating Sidebar Maker: from n/a through = 1.4.1...
WordPress Strx Magic Floating Sidebar Maker plugin <= 1.4.1 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by SOPROBRO in WordPress Plugin Strx Magic Floating Sidebar Maker versions = 1.4.1...
CVE-2024-5226 Fuse Social Floating Sidebar <= 5.4.10 - Authenticated (Author+) Stored Cross-Site Scripting via File Upload
The Fuse Social Floating Sidebar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the file upload functionality in all versions up to, and including, 5.4.10 due to insufficient validation of SVG files. This makes it possible for authenticated attackers, with contributor-level...
WordPress Fuse Social Floating Sidebar plugin <= 5.4.10 - Authenticated (Author+) Stored Cross-Site Scripting via File Upload vulnerability
Authenticated Author+ Stored Cross-Site Scripting via File Upload vulnerability discovered by wesley wcraft in WordPress Plugin Fuse Social Floating Sidebar versions = 5.4.10...
WordPress plugin Fuse Social Floating Sidebar 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...
Hubbub Lite < 1.32.0 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup As admin, enable the 'Floating Sidebar...
WordPress Fuse Social Floating Sidebar Plugin <= 5.4.6 is vulnerable to Cross Site Request Forgery (CSRF)
Software Fuse Social Floating Sidebar Type Plugin Vulnerable versions = 5.4.6 Fixed in 5.4.7 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47150 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 393d2a5bd141 Credits István...
CVE-2022-1717
The Custom Share Buttons with Floating Sidebar WordPress plugin before 4.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed...
CVE-2022-1717
The Custom Share Buttons with Floating Sidebar WordPress plugin before 4.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed...
CVE-2022-1717 Custom Share Buttons with Floating Sidebar < 4.2 - Admin+ Stored XSS
The Custom Share Buttons with Floating Sidebar WordPress plugin before 4.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed...
CVE-2022-1717
The CVE-2022-1717 entry affects the WordPress plugin “Custom Share Buttons with Floating Sidebar” (versions before 4.2). The root cause is inadequate sanitisation/escaping of certain settings, enabling Stored XSS when unfiltered_html is disallowed and high-privilege users (e.g., admins) could exp...
WordPress plugin Custom Share Buttons with Floating Sidebar 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Custom Share Buttons with Floating Sidebar plugin versions prior to 4.2 are vulnerable to a...
WordPress Custom Share Buttons with Floating Sidebar plugin <= 4.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Asif Nawaz Minhas in WordPress Custom Share Buttons with Floating Sidebar plugin versions = 4.1. Solution Update the WordPress Custom Share Buttons with Floating Sidebar plugin to the latest available version at least 4.2...
WordPress Fuse Social Floating Sidebar plugin <= 5.4.2 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress Fuse Social Floating Sidebar plugin versions = 5.4.2. Solution Update the WordPress Fuse Social Floating Sidebar plugin to the latest available version at least 5.4.3...