10 matches found
CVE-2026-33194
SiYuan CVE-2026-33194 affects versions prior to 3.6.2. The vulnerability stems from an incomplete denylist in the IsSensitivePath() function (kernel/util/path.go) which was expanded but still does not block several Linux directories such as /opt, /usr, /home, /mnt, and /media. The affected endpoi...
EUVD-2025-30728
Malicious code in bioql PyPI...
CVE-2025-57901
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DAEXT Import Markdown allows Stored XSS. This issue affects Import Markdown: from n/a through 1.14...
CVE-2025-57901
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2025-57901
...
CVE-2025-57901
CVE-2025-57901 is listed in connected sources as relating to Import Markdown – Versatile Markdown Importer for WordPress. The connected entry indicates a vulnerability described as an authenticated (Contributor+) Stored Cross-Site Scripting (XSS) via the Markdown import process. In practical term...
CVE-2025-57901
...
WordPress Import Markdown Plugin <= 1.14 is vulnerable to Cross Site Scripting (XSS)
Software Import Markdown Type Plugin Vulnerable versions = 1.14 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2025-57901 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3d88e282a665 Credits minseok Kim Required privilege Contributo...
编号撤回
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-39011
Name of the Vulnerable Software and Affected Versions DAEXT Import Markdown versions through 1.14 Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a Stored Cross-Site Scripting XSS condition. This allows an attacker to...