
13 matches found

NVD
added 2026/05/26 9:16 p.m., 6 views

CVE-2026-44898

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, render_toc_ul builds a table-of-contents tree from a list of level, id, text tuples. Both the id value used as href="" and the text value used as the visible link label are inserted into tags via a plain Python format...

CVSS 6.1 | EPSS 0.00031
Exploits: 1 | References: 2
OSV
added 2026/05/26 9:16 p.m., 3 views

DEBIAN-CVE-2026-44898

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, render_toc_ul builds a table-of-contents tree from a list of level, id, text tuples. Both the id value used as href="" and the text value used as the visible link label are inserted into tags via a plain Python format...

CVSS 6.1 | AI score 5.9 | EPSS 0.00031
Exploits: 1 | References: 1
OSV
added 2026/05/26 9:16 p.m., 1 views

UBUNTU-CVE-2026-44898

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, render_toc_ul builds a table-of-contents tree from a list of level, id, text tuples. Both the id value used as href="" and the text value used as the visible link label are inserted into tags via a plain Python format...

CVSS 6.1 | AI score 5.9 | EPSS 0.00031
Exploits: 1 | References: 4
UbuntuCve
added 2026/05/26 9:16 p.m., 3 views

CVE-2026-44898

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, render_toc_ul builds a table-of-contents tree from a list of level, id, text tuples. Both the id value used as href="" and the text value used as the visible link label are inserted into tags via a plain Python format...

CVSS 6.1 | AI score 5.9 | EPSS 0.00031
Exploits: 1 | References: 3
CVE
added 2026/05/26 8:41 p.m., 12 views

CVE-2026-44898

Mistune (Python Markdown parser) contains a TOC rendering flaw in render_toc_ul() prior to version 3.2.1: it inserts the heading ID (k) and text directly into an and the visible label without escaping, enabling an attacker to craft a heading whose text breaks out of the href context and injects ...

CVSS 6.1 | AI score 5.9 | EPSS 0.00031
Exploits: 1 | References: 2 | Affected Software: 1
ATTACKERKB
added 2026/05/26 8:41 p.m., 5 views

CVE-2026-44898

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, render_toc_ul builds a table-of-contents tree from a list of level, id, text tuples. Both the id value used as href="" and the text value used as the visible link label are inserted into tags via a plain Python format...

CVSS 6.1 | AI score 5.9 | EPSS 0.00031
Exploits: 1 | References: 3 | Affected Software: 1
Snyk
added 2026/05/14 4:36 p.m., 7 views

Cross-site Scripting (XSS)

Overview: Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the render_toc_ul function. An attacker can execute arbitrary JavaScript in the context of the rendered page by injecting malicious input into heading text, which is then used unescaped as an anchor ID and labe...

CVSS 6.1 | AI score 5.8 | EPSS 0.00031
Exploits: 1 | References: 2
OSV
added 2021/07/19 11:15 a.m., 1 views

CVE-2021-24482

The Related Posts for WordPress plugin through 2.0.4 does not sanitise its headingtext and CSS settings, allowing high privilege users admin to set XSS payloads in them, leading to Stored Cross-Site Scripting issues...

CVSS 4.8 | AI score 5.8
Exploits: 0 | References: 2
WPVulnDB
added 2021/05/17 12:0 a.m., 16 views

Related Posts for WordPress < 2.0.5 - Authenticated Stored XSS & XFS

The plugin does not sanitise its headingtext and css settings, allowing high privilege users admin to set XSS payloads in them, leading to Stored Cross-Site Scripting issues. PoC Payloads: $ m0ze"...

CVSS 3.5 | AI score 2.1 | EPSS 0.00206
Exploits: 2 | References: 2 | Affected Software: 1
OSV
added 2019/09/10 12:15 p.m., 0 views

CVE-2017-18600

The formcraft3 plugin before 3.4 for WordPress has stored XSS via the "New Form Heading Heading Text" field...

CVSS 5.4 | AI score 5.8
Exploits: 0 | References: 1
Prion
added 2019/09/10 12:15 p.m., 10 views

Design/Logic Flaw

The formcraft3 plugin before 3.4 for WordPress has stored XSS via the "New Form Heading Heading Text" field...

CVSS 3.5 | AI score 5.2 | EPSS 0.0018
Exploits: 1 | References: 1 | Affected Software: 1
Cvelist
added 2019/09/10 11:1 a.m., 11 views

CVE-2017-18600

The formcraft3 plugin before 3.4 for WordPress has stored XSS via the "New Form Heading Heading Text" field...

AI score 5.4 | EPSS 0.0018
Exploits: 1 | References: 1
wpexploit
added 2017/07/26 12:0 a.m., 17 views

FormCraft - Premium WordPress Form Builder <= v3.2.31 - Authenticated Stored XSS

WordPress FormCraft Premium WordPress Form Builder versions 3.2.31 and below suffer from a persistent Cross-Site Scripting XSS vulnerability. Authenticated Stored XSS: New Form Heading Heading Text input field is vulnerable. The payload will execute when the form is displayed...

CVSS 3.5 | AI score 0.5 | EPSS 0.0018
Exploits: 1 | References: 2