5107 matches found
CVE-2025-71245
...
CVE-2026-25453
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mdempfle Advanced iFrame advanced-iframe allows DOM-Based XSS.This issue affects Advanced iFrame: from n/a through = 2025.10...
CVE-2026-25412
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2026-25453
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mdempfle Advanced iFrame advanced-iframe allows DOM-Based XSS.This issue affects Advanced iFrame: from n/a through = 2025.10...
CVE-2026-25453 WordPress Advanced iFrame plugin <= 2025.10 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mdempfle Advanced iFrame advanced-iframe allows DOM-Based XSS.This issue affects Advanced iFrame: from n/a through = 2025.10...
CVE-2026-25453 WordPress Advanced iFrame plugin <= 2025.10 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mdempfle Advanced iFrame advanced-iframe allows DOM-Based XSS.This issue affects Advanced iFrame: from n/a through = 2025.10...
CVE-2026-25453
CVE-2026-25453 : DOM-based XSS in WordPress plugin Advanced iFrame (advanced-iframe) due to improper input neutralization during web page generation. Affected: Advanced iFrame versions up to 2025.10. The CVSS v3.1 base score is 6.5 (Medium). Exploitation details are not provided in the documents;...
CVE-2026-25412
The CVE-2026-25412 entry concerns the WordPress Advanced iFrame plugin (
CVE-2026-25412
...
CVE-2026-25412
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2026-25412
...
SPIP 安全漏洞
SPIP is an open-source software developed by SPIP for creating Internet websites. Versions of SPIP prior to 4.4.8 contained security vulnerabilities. These vulnerabilities stemmed from improper sandboxing or escaping of iframe content in private areas, which could lead to cross-site scripting...
WordPress plugin Advanced iFrame 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-20917
Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.7.0 Description Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Modifying chat history before version 0.7.0 allows manipulation of the html property within...
PT-2026-20737
Missing Authorization vulnerability in mdempfle Advanced iFrame advanced-iframe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced iFrame: from n/a through = 2025.10...
Linux Distros Unpatched Vulnerability : CVE-2026-26223
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SPIP before 4.4.8 allows cross-site scripting XSS in the private area via malicious iframe tags. The application does not properly sandbox or escape iframe...
PT-2026-20749
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mdempfle Advanced iFrame advanced-iframe allows DOM-Based XSS.This issue affects Advanced iFrame: from n/a through = 2025.10...
PT-2026-20843
SPIP before 4.4.8 allows Cross-Site Scripting XSS in the private area via malicious iframe tags. The application does not properly sandbox or escape iframe content in the back-office, allowing an attacker to inject and execute malicious scripts. The fix adds a sandbox attribute to iframe tags in...
PT-2026-20918
Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.6.44 Description Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Manually modifying chat history allows setting the embeds property on a response message. The...
WordPress plugin Popup Box – Easily Create WordPress Popups 操作系统命令注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The WordPres...