CVE-2025-15378

CVE-2025-15378 concerns the WordPress AJS Footnotes plugin, where versions up to 1.0 are vulnerable to a stored XSS due to missing authorization/nonce verification on settings save and insufficient input sanitization/output escaping on two parameters: note_list_class and popup_display_effect_in. ...

PT-2026-2825

The AJS Footnotes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'note list class' and 'popup display effect in' parameters in all versions up to, and including, 1.0 due to missing authorization and nonce verification on settings save, as well as insufficient input...

EUVD-2008-0701

Malware in sbrugna...

EUVD-2023-57911

Malicious code in bioql PyPI...

EUVD-2025-9284

Malicious code in bioql PyPI...

CVE-2025-50049 WordPress Modern Footnotes plugin <= 1.4.19 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in prismtechstudios Modern Footnotes modern-footnotes allows Stored XSS.This issue affects Modern Footnotes: from n/a through = 1.4.19...

CVE-2023-28423

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Prism Tech Studios Modern Footnotes plugin = 1.4.15 versions...

CVE-2023-5618

The Modern Footnotes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode in versions up to, and including, 1.4.16 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, wi...

CVE-2023-5618

CVE-2023-5618: The WordPress plugin Modern Footnotes (versions

WordPress Modern Footnotes Plugin <= 1.4.16 is vulnerable to Cross Site Scripting (XSS)

Software Modern Footnotes Type Plugin Vulnerable versions = 1.4.16 Fixed in 1.4.17 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5618 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 750bae0a79da Credits Dmitrii Ignatyev...

CVE-2023-28423

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Prism Tech Studios Modern Footnotes plugin = 1.4.15 versions...

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Prism Tech Studios Modern Footnotes plugin = 1.4.15 versions...

CVE-2023-28423

CVE-2023-28423: Stored XSS in Prism Tech Studios Modern Footnotes WordPress plugin

CVE-2023-28423 WordPress Modern Footnotes Plugin <= 1.4.15 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Prism Tech Studios Modern Footnotes plugin = 1.4.15 versions...

CVE-2023-28423 WordPress Modern Footnotes Plugin <= 1.4.15 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Prism Tech Studios Modern Footnotes plugin = 1.4.15 versions...

PT-2023-21710 · Unknown · Modern Footnotes

Name of the Vulnerable Software and Affected Versions: Modern Footnotes plugin versions prior to 1.4.16 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin or higher privileges. Recommendations: For versions prior to 1.4.16,...