EUVD-2025-11116

Malicious code in bioql PyPI...

CVE-2025-26930

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in alleythemes Home Services home-services allows DOM-Based XSS.This issue affects Home Services: from n/a through = 1.2.6...

CVE-2025-26930

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in alleythemes Home Services home-services allows DOM-Based XSS.This issue affects Home Services: from n/a through = 1.2.6...

CVE-2025-26930

CVE-2025-26930 describes a DOM-based XSS in the alleythemes Home Services WordPress plugin, affecting versions

CVE-2025-26930 WordPress Home Services plugin <= 1.2.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in alleythemes Home Services home-services allows DOM-Based XSS.This issue affects Home Services: from n/a through = 1.2.6...

WordPress plugin Home Services 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-16521 · Unknown · Alleythemes Home Services

Name of the Vulnerable Software and Affected Versions: alleythemes Home Services versions 1.2.6 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based XSS. This enables potential attackers to inject malicious script...

WordPress Home Services plugin <= 1.2.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Theme Home Services versions = 1.2.6...

WordPress Home Services Theme <= 1.2.6 is vulnerable to Cross Site Scripting (XSS)

Software Home Services Type Theme Vulnerable versions = 1.2.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2025-26930 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID ec753abbf944 Credits stealthcopter Required privilege...

ottawahomeservices.ca XSS vulnerability

Vulnerable URL: http://ottawahomeservices.ca/?s=%3C%2Fscript%3E%22%3E%3Cscript%3Eprompt%22OPENBUGBOUNTY%22%3C%2Fscript%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 13536385 VIP website status:| No Coordinat...