
4140 matches found

CNNVD
added 2025/01/23 12:0 a.m. · 3 views

WordPress plugin FLX Dashboard Groups cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

7.1 CVSS · 7.7 AI score · 0.00246 EPSS
Exploits 0 · References 2
Positive Technologies
added 2025/01/23 12:0 a.m. · 3 views

PT-2025-5055 · Unknown · Flx Dashboard Groups

Name of the Vulnerable Software and Affected Versions: FLX Dashboard Groups versions 0.0.0 through 0.0.7. Description: The issue is related to improper neutralization of input during web page generation, which allows for reflected cross-site scripting (XSS). This means an attacker can inject malicio...

7.1 CVSS · 9 AI score · 0.00246 EPSS
Exploits 0 · References 5
NVD
added 2025/01/21 2:15 p.m. · 7 views

CVE-2025-22735

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Steve Burge WordPress Tag Cloud Plugin – Tag Groups tag-groups allows Reflected XSS. This issue affects WordPress Tag Cloud Plugin – Tag Groups: from n/a through <= 2.0.4...

7.1 CVSS · 0.0022 EPSS
Exploits 0 · References 1
Vulnrichment
added 2025/01/21 1:40 p.m. · 4 views

CVE-2025-22735 WordPress Tag Cloud Plugin - Tag Groups plugin <= 2.0.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TaxoPress WordPress Tag Cloud Plugin – Tag Groups allows Reflected XSS. This issue affects WordPress Tag Cloud Plugin – Tag Groups: from n/a through 2.0.4...

7.1 CVSS · 7.1 AI score · 0.0022 EPSS
Exploits 0 · References 1
CVE
added 2025/01/21 1:40 p.m. · 52 views

CVE-2025-22735

CVE-2025-22735 is a reflected Cross-Site Scripting (XSS) vulnerability in the TaxoPress WordPress Tag Cloud Plugin – Tag Groups. The issue is described as improper neutralization of input during web page generation and affects Tag Groups versions up to 2.0.4 (on WordPress Tag Cloud Plugin – Tag G...

7.1 CVSS · 7.2 AI score · 0.0022 EPSS
Exploits 0 · References 1
Cvelist
added 2025/01/21 1:40 p.m. · 13 views

CVE-2025-22735 WordPress Tag Cloud Plugin - Tag Groups plugin <= 2.0.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Steve Burge WordPress Tag Cloud Plugin – Tag Groups tag-groups allows Reflected XSS. This issue affects WordPress Tag Cloud Plugin – Tag Groups: from n/a through <= 2.0.4...

7.1 CVSS · 0.0022 EPSS
Exploits 0 · References 1
Positive Technologies
added 2025/01/21 12:0 a.m. · 4 views

PT-2025-4659 · WordPress · Taxopress Wordpress Tag Cloud Plugin

Name of the Vulnerable Software and Affected Versions: TaxoPress WordPress Tag Cloud Plugin – Tag Groups versions prior to 2.0.4. Description: The issue is related to improper neutralization of input during web page generation, allowing reflected Cross-site Scripting (XSS). This enables attackers to...

7.1 CVSS · 9.2 AI score · 0.0022 EPSS
Exploits 0 · References 5
CNNVD
added 2025/01/21 12:0 a.m. · 2 views

WordPress plugin WordPress Tag Cloud Plugin – Tag Groups cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. WordPress plugin WordPress Tag Cloud Plugin...

7.1 CVSS · 7.6 AI score · 0.0022 EPSS
Exploits 0 · References 2
OSV
added 2025/01/16 7:5 p.m. · 2 views

GHSA-JHVJ-F397-8W6Q HAL Console has a Cross Site Scripting (XSS) vulnerability of user input

A flaw was found in the HAL Console in the Wildfly component, which does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output used as a web page that is served to other users. The attacker must be authenticated as a user that belongs to management groups...

6.5 CVSS · 6 AI score · 0.00426 EPSS
Exploits 0 · References 5
Patchstack
added 2025/01/16 6:42 p.m. · 4 views

WordPress FLX Dashboard Groups plugin <= 0.0.7 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting (XSS) vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin FLX Dashboard Groups versions <= 0.0.7...

7.1 CVSS · 6.1 AI score · 0.00246 EPSS
Exploits 0 · Affected Software 1
Malwarebytes
added 2025/01/16 9:49 a.m. · 9 views

PlugX malware deleted from thousands of systems by FBI

The FBI says it has removed PlugX malware from thousands of infected computers worldwide. The move came after suspicion that cybercriminal groups under control of the People’s Republic of China (PRC) used a version of PlugX malware to control, and steal information from victims' computers. PlugX h...

7.7 AI score
Exploits 0
RustSec
added 2025/01/15 12:0 p.m. · 6 views

`root` appended to group listings

Affected versions append root to group listings, unless the correct listing has exactly 1024 groups. This affects both:
- The supplementary groups of a user
- The group access list of the current process
If the caller uses this information for access control, this may lead to privilege escalation...

7.1 CVSS · 6.8 AI score · 0.00166 EPSS
Exploits 0 · Affected Software 1
Positive Technologies
added 2025/01/15 12:0 a.m. · 8 views

PT-2025-23647 · Crates.Io · Users

Affected versions append root to group listings, unless the correct listing has exactly 1024 groups. This affects both:
- The supplementary groups of a user
- The group access list of the current process
If the caller uses this information for access control, this may lead to privilege...

6.8 AI score
Exploits 0 · References 4
Snyk
added 2025/01/14 6:32 p.m. · 1 views

Cross-site Scripting (XSS)

Overview: org.jboss.hal:hal-core is a Core HAL API. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to improper neutralization of user-controllable input before it is placed in output that is served as a web page. An attacker can execute arbitrary script in the...

8.5 CVSS · 5.4 AI score · 0.00426 EPSS
Exploits 0 · References 2
OSV
added 2025/01/14 6:32 p.m. · 0 views

GHSA-5WJW-H8X5-V65M Duplicate Advisory: Wildfly HAL Console Cross-Site Scripting

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-jhvj-f397-8w6q. This link is maintained to preserve external references. Original Description: A flaw was found in the HAL Console in the Wildfly component, which does not neutralize or incorrectly neutralizes...

6.5 CVSS · 6.4 AI score · 0.00426 EPSS
Exploits 0 · References 7
ATTACKERKB
added 2025/01/14 6:16 p.m. · 4 views

CVE-2025-23366

A flaw was found in the HAL Console in the Wildfly component, which does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output used as a web page that is served to other users. The attacker must be authenticated as a user that belongs to management groups...

6.5 CVSS · 5.4 AI score · 0.00426 EPSS
Exploits 0 · References 6
OSV
added 2025/01/14 6:16 p.m. · 3 views

CVE-2025-23366

A flaw was found in the HAL Console in the Wildfly component, which does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output used as a web page that is served to other users. The attacker must be authenticated as a user that belongs to management groups...

4.8 CVSS · 5.7 AI score · 0.00426 EPSS
Exploits 0 · References 5
NVD
added 2025/01/14 6:16 p.m. · 8 views

CVE-2025-23366

A flaw was found in the HAL Console in the Wildfly component, which does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output used as a web page that is served to other users. The attacker must be authenticated as a user that belongs to management groups...

6.5 CVSS · 0.00426 EPSS
Exploits 0 · References 5
CVE
added 2025/01/14 5:41 p.m. · 60 views

CVE-2025-23366

The CVE-2025-23366 issue affects the HAL Console component of WildFly, where user-controllable input is not properly neutralized before being rendered in web output, enabling Cross-Site Scripting (XSS) when authenticated as a user in the management groups SuperUser/Admin/Maintainer. Practical imp...

6.5 CVSS · 6.3 AI score · 0.00426 EPSS
Exploits 0 · References 5 · Affected Software 1
Patchstack
added 2025/01/14 5:2 p.m. · 4 views

WordPress Tag Cloud Plugin - Tag Groups plugin <= 2.0.4 - Reflected Cross Site Scripting (XSS) vulnerability

WordPress Tag Cloud Plugin - Tag Groups plugin <= 2.0.4 - Reflected Cross Site Scripting (XSS) vulnerability discovered by minhtuanact (Patchstack Alliance) in WordPress Plugin WordPress Tag Cloud Plugin – Tag Groups versions <= 2.0.4...

7.1 CVSS · 6.1 AI score · 0.0022 EPSS
Exploits 0 · Affected Software 1