6 matches found
EUVD-2024-45684
Malicious code in bioql PyPI...
CVE-2025-58217
Cross-Site Request Forgery CSRF vulnerability in GeroNikolov Instant Breaking News instant-breaking-news allows Stored XSS.This issue affects Instant Breaking News: from n/a through = 1.0...
PT-2025-34926 · Unknown · Geronikolov Instant Breaking News
Name of the Vulnerable Software and Affected Versions: GeroNikolov Instant Breaking News versions n/a through 1.0 Description: A Cross-Site Request Forgery CSRF vulnerability exists in GeroNikolov Instant Breaking News, which also allows Stored Cross-Site Scripting XSS. Recommendations: At the...
CVE-2024-51889
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GeroNikolov Fancy User List fancy-user-listing allows Stored XSS.This issue affects Fancy User List: from n/a through = 3.1...
CVE-2024-51889
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GeroNikolov Fancy User List fancy-user-listing allows Stored XSS.This issue affects Fancy User List: from n/a through = 3.1...
CVE-2024-51889
CVE-2024-51889 is a stored XSS vulnerability in the WordPress plugin Fancy User List (versions up to 3.1). The issue arises from improper neutralization of input during web page generation, enabling stored cross-site scripting when a user with enough privileges accesses affected pages. Publicly d...