29 matches found
EUVD-2024-35457
Malicious code in bioql PyPI...
EUVD-2023-27890
Malicious code in bioql PyPI...
EUVD-2025-31257
Malicious code in bioql PyPI...
CVE-2025-60147
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HT Plugins HT Feed ht-instagram allows Stored XSS.This issue affects HT Feed: from n/a through = 1.3.0...
WordPress HT Feed Plugin <= 1.3.0 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin HT Feed versions = 1.3.0...
CVE-2025-60147
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HT Plugins HT Feed ht-instagram allows Stored XSS.This issue affects HT Feed: from n/a through = 1.3.0...
CVE-2025-60147 WordPress HT Feed Plugin <= 1.3.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HT Plugins HT Feed ht-instagram allows Stored XSS.This issue affects HT Feed: from n/a through = 1.3.0...
CVE-2025-60147 WordPress HT Feed Plugin <= 1.3.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HT Plugins HT Feed ht-instagram allows Stored XSS.This issue affects HT Feed: from n/a through = 1.3.0...
CVE-2025-60147
CVE-2025-60147: Stored XSS in HT Feed (HT Plugin) affecting HT Feed versions from n/a up to 1.3.0 due to improper input neutralization during web page generation. Base score 6.5 (Medium). Patch status: Patched (remediation details not published in provided docs). Exploitation status not disclosed...
WordPress plugin HT Feed 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-39590
Name of the Vulnerable Software and Affected Versions HT Feed versions through 1.3.0 Description The HT Feed plugin contains a flaw related to improper input handling during web page creation, which allows for Stored Cross-site Scripting XSS. This means an attacker could inject malicious scripts...
CVE-2024-35699
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in HasThemes HT Feed allows Stored XSS.This issue affects HT Feed: from n/a through 1.2.8...
CVE-2023-23804
Cross-Site Request Forgery CSRF vulnerability in HasThemes HT Feed plugin = 1.2.7 versions...
CVE-2024-35699
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in HasThemes HT Feed allows Stored XSS.This issue affects HT Feed: from n/a through 1.2.8...
CVE-2024-35699 WordPress HT Feed plugin <= 1.2.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in HasThemes HT Feed allows Stored XSS.This issue affects HT Feed: from n/a through 1.2.8...
CVE-2024-35699
CVE-2024-35699 is a Stored XSS flaw in HT Feed (HasThemes) affecting HT Feed versions up to 1.2.8. The issue arises from improper input neutralization during web page generation, enabling authenticated users to inject scripts. Red Hat/ENISA Wordfence context confirms the vulnerability and notes a...
WordPress plugin HT Feed cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2024-26647 · Hasthemes · Ht Feed
Name of the Vulnerable Software and Affected Versions: HasThemes HT Feed versions 1.2.8 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS in HasThemes HT Feed...
WordPress HT Feed plugin <= 1.2.8 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin HT Feed versions = 1.2.8...
WordPress HT Feed Plugin <= 1.2.8 is vulnerable to Cross Site Scripting (XSS)
Software HT Feed Type Plugin Vulnerable versions = 1.2.8 Fixed in 1.2.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-35699 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 9f74b2cf8eb8 Credits LVT-tholv2k Required privilege Contributor...