CVE-2026-7421 Passeum Ticketing <= 1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'shop_name' Setting

The Passeum Ticketing plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.0. This is due to the getshopurl method returning the shopname setting value without sanitization when it begins with "http", combined with insufficient validation in th...

CVE-2026-7421 Passeum Ticketing <= 1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'shop_name' Setting

The Passeum Ticketing plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.0. This is due to the getshopurl method returning the shopname setting value without sanitization when it begins with "http", combined with insufficient validation in th...

CVE-2021-47922 WordPress Plugin Slider by Soliloquy 2.6.2 Stored XSS

Slider by Soliloquy 2.6.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the title parameter. Attackers can add JavaScript payloads in the title field when creating or editing sliders, which executes in the browsers of...

CVE-2021-47922

The CVE concerns the WordPress plugin Slider by Soliloquy version 2.6.2, which is reported to contain a stored cross-site scripting (XSS) vulnerability. The vulnerability occurs in the title parameter when creating or editing sliders, allowing an authenticated attacker to inject JavaScript that c...

REDAXO CMS is vulnerable to RCE attack through its template management component

A Remote Code Execution RCE vulnerability in the template management component in REDAXO CMS 5.20.0 allows remote authenticated administrators to execute arbitrary operating system commands by injecting PHP code into an active template. The payload is executed when visitors access frontend pages...

CVE-2025-64050

A Remote Code Execution RCE vulnerability in the template management component in REDAXO CMS 5.20.0 allows remote authenticated administrators to execute arbitrary operating system commands by injecting PHP code into an active template. The payload is executed when visitors access frontend pages...

CVE-2025-64050

A Remote Code Execution RCE vulnerability in the template management component in REDAXO CMS 5.20.0 allows remote authenticated administrators to execute arbitrary operating system commands by injecting PHP code into an active template. The payload is executed when visitors access frontend pages...

CVE-2025-64050

The CVE describes a Remote Code Execution in REDAXO CMS (v5.20.0) tied to the template management component. An authenticated administrator can inject PHP code into an active template, leading to command execution when frontend pages render the compromised template. Impact is high (CVE metrics sh...

PYSEC-2025-56

OctoPrint provides a web interface for controlling consumer 3D printers. In versions up to and including 1.10.3, OctoPrint has a vulnerability that allows an attacker to bypass the login redirect and directly access the rendered HTML of certain frontend pages. The primary risk lies in potential...

OctoPrint 安全漏洞

OctoPrint is an open source application from OctoPrint. It provides a fast web interface for controlling consumer 3D printers. A security vulnerability exists in OctoPrint 1.10.3 and earlier versions, which stems from a login redirection bypass that could result in direct access to front-end page...

Cross site scripting

The Top Bar WordPress plugin before 3.0.4 does not sanitise and escape some of its settings before outputting them in frontend pages, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for examp...

WP Contact Slider < 2.4.8 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitize and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. Create/edit a Contact slider and put the payload below in the "Text to display" option:...

Popup Maker < 1.16.9 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks As a user with the Contributor or above, create a new Popup in Popup Maker menu with "content" field containing...

Top Bar < 3.0.4 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings before outputting them in frontend pages, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC Put t...

Print, PDF, Email by PrintFriendly < 5.2.3 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape the Custom Button Text settings, which could allow high privilege users such as admin to perform cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed In the plugin's settings, tick 'Custom Button' and put the following payload ...

Sideblog <= 6.0 - Arbitrary Settings Update via CSRF to Stored XSS

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping " document.getElementById"test".submit; The XSS will be...

Clipr <= 1.2.3 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape its API Key settings before outputting it in an attribute, leading to a Stored Cross-Site Scripting issue even when the unfilteredhtml capability is disallowed Put the following payload in the API Key settings of the plugin: 'alert/XSS/ The XSS will be...

Ibtana < 1.1.4.9 - Subscriber+ Settings Update to Stored XSS

The plugin does not have authorisation and CSRF checks in the ivesavegeneralsettings AJAX action, allowing any authenticated users, such as subscriber to call it and change the plugin's settings which could lead to Stored Cross-Site Scripting issue. Note: v1.1.4.7 added CSRF check, authorisation...

WPLegalPages < 2.7.1 - Subscriber+ Arbitrary Settings Update to Stored XSS

The plugin does not check for authorisation and has a flawed CSRF logic when saving its settings, allowing any authenticated users, such as subscriber, to update them. Furthermore, due to the lack of sanitisation and escaping, it could lead to Stored Cross-Site Scripting Run the below command in...

Insight Core <= 1.0 - Subscriber+ PHP Object Injection & Stored XSS

The plugin does not have any authorisation and CSRF checks in the insightcustomizeroptionsimport available to any authenticated user, does not validate user input before passing it to unserialize, nor sanitise and escape it before outputting it in the response. As a result, it could allow users...