17 matches found
CVE-2025-15440
The iONE360 configurator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Contact Form Parameters in all versions up to, and including, 2.0.57 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2025-15440
The iONE360 configurator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Contact Form Parameters in all versions up to, and including, 2.0.57 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2025-15440
The affected product is the WordPress plugin iONE360 configurator . It is vulnerable to a Stored Cross‑Site Scripting (XSS) in the Contact Form parameters in all versions up to and including 2.0.57 , caused by insufficient input sanitization and output escaping. This allows unauthenticated attack...
CVE-2025-15440 iONE360 configurator <= 2.0.57 - Unauthenticated Stored Cross-Site Scripting via Contact Form Parameters
The iONE360 configurator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Contact Form Parameters in all versions up to, and including, 2.0.57 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2025-15440
The iONE360 configurator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Contact Form Parameters in all versions up to, and including, 2.0.57 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2025-15440 iONE360 configurator <= 2.0.57 - Unauthenticated Stored Cross-Site Scripting via Contact Form Parameters
The iONE360 configurator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Contact Form Parameters in all versions up to, and including, 2.0.57 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
WordPress plugin iONE360 configurator 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
PT-2026-7492
Name of the Vulnerable Software and Affected Versions iONE360 Configurator plugin for WordPress versions through 2.0.57 Description The iONE360 Configurator plugin for WordPress is susceptible to Stored Cross-Site Scripting. This is due to inadequate input sanitization and output escaping in the...
EUVD-2025-11666
Malicious code in bioql PyPI...
CVE-2025-32529
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in iONE360 iONE360 configurator ione360-configurator allows Reflected XSS.This issue affects iONE360 configurator: from n/a through = 2.0.57...
CVE-2025-32529
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in iONE360 iONE360 configurator ione360-configurator allows Reflected XSS.This issue affects iONE360 configurator: from n/a through = 2.0.57...
CVE-2025-32529
CVE-2025-32529 denotes a Reflected XSS in the iONE360 configurator affecting versions 2.0.56 and earlier. The descriptive and connected sources confirm the affected product and the attack type, with a CVSS v3.1 base score of 7.1 (HIGH) indicating significant impact. The provided documents do not ...
CVE-2025-32529 WordPress iONE360 configurator plugin <= 2.0.57 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in iONE360 iONE360 configurator ione360-configurator allows Reflected XSS.This issue affects iONE360 configurator: from n/a through = 2.0.57...
CVE-2025-32529 WordPress iONE360 configurator plugin <= 2.0.57 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in iONE360 iONE360 configurator ione360-configurator allows Reflected XSS.This issue affects iONE360 configurator: from n/a through = 2.0.57...
PT-2025-17101 · Unknown · Ione360 Configurator
Name of the Vulnerable Software and Affected Versions: iONE360 configurator versions 2.0.0 through 2.0.56 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Reflected XSS in the iONE360 configurator...
WordPress plugin iONE360 configurator 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress iONE360 configurator plugin <= 2.0.57 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin iONE360 configurator versions = 2.0.57...