CVE-2025-22546 WordPress jQuery TwentyTwenty plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Obaid Hossain jQuery TwentyTwenty js-twentytwenty allows Stored XSS.This issue affects jQuery TwentyTwenty: from n/a through = 1.0...

CVE-2025-22546 WordPress jQuery TwentyTwenty plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Obaid Hossain jQuery TwentyTwenty js-twentytwenty allows Stored XSS.This issue affects jQuery TwentyTwenty: from n/a through = 1.0...

CVE-2025-22546

CVE-2025-22546 is an explicit Stored XSS in jQuery TwentyTwenty (WordPress plugin) due to improper input neutralization during web page generation. The affected product is jQuery TwentyTwenty (WordPress plugin) up to version 1.0, with a CVSS 3.1 base score of 6.5 (Medium); attack vector Network, ...

CVE-2024-56287

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AppJetty WP jQuery DataTable wp-jquery-datatable allows Stored XSS.This issue affects WP jQuery DataTable: from n/a through = 4.0.1...

CVE-2024-56287 WordPress WP jQuery DataTable Plugin <= 4.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AppJetty WP jQuery DataTable wp-jquery-datatable allows Stored XSS.This issue affects WP jQuery DataTable: from n/a through = 4.0.1...

CVE-2024-12499

The WP jQuery DataTable plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpjdt' shortcode in all versions up to, and including, 4.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2024-12499 WP jQuery DataTable <= 4.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The WP jQuery DataTable plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpjdt' shortcode in all versions up to, and including, 4.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2024-12499 WP jQuery DataTable <= 4.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The WP jQuery DataTable plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpjdt' shortcode in all versions up to, and including, 4.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

WordPress plugin WP jQuery DataTable 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site...

PT-2025-4537 · Unknown · Jquery Twentytwenty

Name of the Vulnerable Software and Affected Versions: jQuery TwentyTwenty versions n/a through 1.0 Description: The issue is related to improper neutralization of input during web page generation, which allows for Stored Cross-site Scripting XSS. This means that an attacker can inject malicious...

WordPress plugin WP jQuery DataTable 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site...

PT-2025-1870 · WordPress · Wp Jquery Datatable

Name of the Vulnerable Software and Affected Versions: WP jQuery DataTable plugin for WordPress versions up to, and including, 4.0.1 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'wp jdt' shortcode due to insufficient input sanitization and output escaping on...

WordPress plugin jQuery TwentyTwenty 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

Malicious code in jquery.slideviewer (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c99adb7b17da26c89371b100994f4eaef06ce19a5103f35ea6230d375af0cc95 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2024-52583 WesHacks code includes links to Leostop tracking spyware infested files

The WesHacks GitHub repository provides the official Hackathon competition website source code for the Muweilah Wesgreen Hackathon. The page schedule.html before 17 November 2024 or commit 93dfb83 contains links to Leostop, a site that hosts a malicious injected JavaScript file that occurs when...

CVE-2024-52583 WesHacks code includes links to Leostop tracking spyware infested files

The WesHacks GitHub repository provides the official Hackathon competition website source code for the Muweilah Wesgreen Hackathon. The page schedule.html before 17 November 2024 or commit 93dfb83 contains links to Leostop, a site that hosts a malicious injected JavaScript file that occurs when...

CVE-2024-52583 WesHacks code includes links to Leostop tracking spyware infested files

The WesHacks GitHub repository provides the official Hackathon competition website source code for the Muweilah Wesgreen Hackathon. The page schedule.html before 17 November 2024 or commit 93dfb83 contains links to Leostop, a site that hosts a malicious injected JavaScript file that occurs when...

Fedora 37 : js-jquery-ui (2022-7291b78111)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-7291b78111 advisory. A flaw was found in the jquery-UI package. Affected versions of this package are vulnerable to Cross-site scripting XSS attack via the initializatio...

jQuery < 1.9.0 Cross-Site Scripting

According to its self-reported version number, jQuery is prior to 1.9.0. Therefore, it may be affected by a cross-site scripting vulnerability because the load method fails to recognize and remove "" HTML tags that contain a whitespace character. Note that the scanner has not tested for these...

Security Bulletin: Vulnerabilities Addressed in IBM Tivoli Network Manager IP Edition (ITNM) version 4.2 Fix Pack 20 (4.2.0.20)

Summary Multiple vulnerabilities were addressed in ITNM version 4.2 Fix Pack 20 4.2.0.20 Vulnerability Details CVEID:CVE-2024-23944 DESCRIPTION: Apache ZooKeeper could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw in persistent watchers handling. By...