CVE-2025-22660

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wolfgang Include Mastodon Feed include-mastodon-feed allows DOM-Based XSS.This issue affects Include Mastodon Feed: from n/a through = 1.9.9...

WordPress RPS Include Content plugin <= 1.2.1 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin RPS Include Content versions = 1.2.1...

CVE-2025-31093

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in redpixelstudios RPS Include Content rps-include-content allows DOM-Based XSS.This issue affects RPS Include Content: from n/a through = 1.2.1...

CVE-2025-31093 WordPress RPS Include Content <= 1.2.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in redpixelstudios RPS Include Content allows DOM-Based XSS. This issue affects RPS Include Content: from n/a through 1.2.1...

CVE-2025-31093 WordPress RPS Include Content plugin <= 1.2.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in redpixelstudios RPS Include Content rps-include-content allows DOM-Based XSS.This issue affects RPS Include Content: from n/a through = 1.2.1...

CVE-2025-31093

CVE-2025-31093 is a DOM-based XSS in the WordPress plugin RPS Include Content (RPS Include Content). Affected versions: from n/a through 1.2.1. The issue arises from improper input handling during web page generation, enabling cross-site scripting via the plugin’s include-content functionality. E...

WordPress plugin RPS Include Content 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVE-2025-26909

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in John Darrel Hide My WP Ghost allows PHP Local File Inclusion.This issue affects Hide My WP Ghost: from n/a through 5.4.01...

CVE-2025-22660

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wolfgang Include Mastodon Feed include-mastodon-feed allows DOM-Based XSS.This issue affects Include Mastodon Feed: from n/a through = 1.9.9...

CVE-2025-22660

CVE-2025-22660 — WordPress plugin Include Mastodon Feed (up to 1.9.9) is affected by a DOM-based XSS vulnerability due to improper input handling. Connected sources confirm the issue and indicate a patch has been released; updating to a fixed release (greater than 1.9.9) is the advised remediatio...

CVE-2025-22660 WordPress Include Mastodon Feed plugin <= 1.9.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wolfgang Include Mastodon Feed include-mastodon-feed allows DOM-Based XSS.This issue affects Include Mastodon Feed: from n/a through = 1.9.9...

CVE-2025-30891

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in magepeopleteam WpTravelly tour-booking-manager allows PHP Local File Inclusion.This issue affects WpTravelly: from n/a through = 1.8.7...

CVE-2025-30890

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in SuitePlugins Login Widget for Ultimate Member login-widget-for-ultimate-member allows PHP Local File Inclusion.This issue affects Login Widget for Ultimate Member: from n/a throu...

CVE-2025-30871

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WP Travel Engine WP Travel Engine wp-travel-engine allows PHP Local File Inclusion.This issue affects WP Travel Engine: from n/a through = 6.3.5...

CVE-2025-30871

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WP Travel Engine WP Travel Engine allows PHP Local File Inclusion. This issue affects WP Travel Engine: from n/a through 6.3.5...

CVE-2025-30868

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Maidul Team Manager wp-team-manager allows PHP Local File Inclusion.This issue affects Team Manager: from n/a through = 2.1.23...

WordPress plugin Include Mastodon Feed 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVE-2025-30595

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tstafford include-file include-file allows Stored XSS.This issue affects include-file: from n/a through = 1...

CVE-2025-30593

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in samsk Include URL include-url allows Stored XSS.This issue affects Include URL: from n/a through = 0.3.5...

CVE-2025-23952

CVE-2025-23952 describes an Unvalidated Filename handling flaw in WordPress plugin Custom Field List Widget (ntm custom-field-list-widget) that allows Local File Inclusion via PHP include/require. Affected: custom-field-list-widget versions