11 matches found
EUVD-2025-11639
Malicious code in bioql PyPI...
CVE-2025-27337
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kontur Fontsampler fontsampler allows Reflected XSS. This issue affects Fontsampler: from n/a through <= 0.4.14...
CVE-2025-27337
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kontur Fontsampler fontsampler allows Reflected XSS. This issue affects Fontsampler: from n/a through <= 0.4.14...
CVE-2025-27337 WordPress Fontsampler Plugin <= 0.4.14 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kontur Fontsampler fontsampler allows Reflected XSS. This issue affects Fontsampler: from n/a through <= 0.4.14...
CVE-2025-27337 WordPress Fontsampler Plugin <= 0.4.14 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kontur Fontsampler fontsampler allows Reflected XSS. This issue affects Fontsampler: from n/a through <= 0.4.14...
CVE-2025-27337
CVE-2025-27337 is a WordPress Fontsampler plugin vulnerability: CSRF-enabled, leading to a reflected Cross-Site Scripting (XSS) in Fontsampler versions up to and including 0.4.14. The issue arises from improper input neutralization during web page generation, enabling an attacker to trigger XSS w...
WordPress plugin Fontsampler cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin ... A cross-site...
PT-2025-17072 · Unknown · Kontur Fontsampler
Name of the Vulnerable Software and Affected Versions: kontur Fontsampler versions 0.4.14 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means that an attacker can...
WordPress Fontsampler Plugin <= 0.4.14 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability
CSRF to Reflected Cross Site Scripting (XSS) vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Fontsampler versions <= 0.4.14...
Fontsampler < 0.4.13 - CSRF to Authenticated Reflected Cross-Site Scripting (XSS)
The plugin did not properly check for CSRF and authorisation in its ajaxgetmockfontsampler AJAX action, which could lead to an authenticated reflected XSS issue as user input was then output without being sanitised first. PoC POST /wp-admin/admin-ajax.php HTTP/1.1 Accept: / Accept-Language:...
Fontsampler < 0.4.13 - CSRF to Authenticated Reflected Cross-Site Scripting (XSS)
The plugin did not properly check for CSRF and authorisation in its ajaxgetmockfontsampler AJAX action, which could lead to an authenticated reflected XSS issue as user input was then output without being sanitised first. POST /wp-admin/admin-ajax.php HTTP/1.1 Accept: / Accept-Language:...