CVE-2024-34820

Missing Authorization vulnerability in If So Plugin If-So Dynamic Content Personalization.This issue affects If-So Dynamic Content Personalization: from n/a through 1.7.1...

EUVD-2024-35085

Malicious code in bioql PyPI...

EUVD-2023-56205

Malicious code in bioql PyPI...

WordPress If-So Dynamic Content Personalization Plugin <= 1.9.4 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by zaim in WordPress Plugin If-So Dynamic Content Personalization versions = 1.9.4...

CVE-2025-58602

CVE-2025-58602 : Stored XSS in WordPress plugin “If-So Dynamic Content Personalization” (

WordPress plugin If-So Dynamic Content Personalization cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVE-2023-51492

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in If So Plugin If-So Dynamic Content Personalization allows Stored XSS.This issue affects If-So Dynamic Content Personalization: from n/a through 1.6.3.1...

CVE-2024-5440

The If-So Dynamic Content Personalization WordPress plugin before 1.8.0.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site...

CVE-2024-5440 If-So Dynamic Content Personalization < 1.8.0.3 - Contributor+ Shortcode Stored XSS

The If-So Dynamic Content Personalization WordPress plugin before 1.8.0.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site...

CVE-2024-5440

Affected software: WordPress plugin If-So Dynamic Content Personalization, versions prior to 1.8.0.3. Vulnerability: The plugin does not validate and escape certain shortcode attributes before outputting them on the page/post where the shortcode is embedded, enabling Stored XSS if exploited. Impa...

WordPress If-So Dynamic Content Personalization plugin <= 1.9.2.1 - Authenticated (Contributor+) Post Disclosure vulnerability

Authenticated Contributor+ Post Disclosure vulnerability discovered by Francesco Carlucci in WordPress Plugin If-So Dynamic Content Personalization versions = 1.9.2.1...

WordPress if-so plugin < 1.8.0.4 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin If-So Dynamic Content Personalization versions 1.8.0.4...

WordPress if-so plugin < 1.8.0.4 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Bob Matyas in WordPress Plugin If-So Dynamic Content Personalization versions 1.8.0.4...

CVE-2024-5713

The If-So Dynamic Content Personalization WordPress plugin before 1.8.0.4 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

CVE-2024-6070

The If-So Dynamic Content Personalization WordPress plugin before 1.8.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...

CVE-2024-5713 if-so < 1.8.0.4 - Reflected XSS

The If-So Dynamic Content Personalization WordPress plugin before 1.8.0.4 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

CVE-2024-5713 if-so < 1.8.0.4 - Reflected XSS

The If-So Dynamic Content Personalization WordPress plugin before 1.8.0.4 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

CVE-2024-5713

CVE-2024-5713 affects the WordPress If-So Dynamic Content Personalization plugin, prior to version 1.8.0.4. The root cause is failure to escape $_SERVER['REQUEST_URI'] when echoing it into an HTML attribute, enabling Reflected XSS in older browsers. No exploitation details are provided in the sou...

CVE-2024-34820

Missing Authorization vulnerability in If So Plugin If-So Dynamic Content Personalization.This issue affects If-So Dynamic Content Personalization: from n/a through 1.7.1...

CVE-2024-34820

CVE-2024-34820 : Missing Authorization vulnerability in the WordPress plugin If-So Dynamic Content Personalization (version range: n/a through 1.7.1). Multiple sources (e.g., Red Hat advisories, NVD/NVD detail) corroborate the same issue. The description specifies a broken/absent authorization co...