CVE-2025-13910

The CVE-2025-13910 entry affects the WP-WebAuthn WordPress plugin. All versions up to 1.3.4 are vulnerable to Unauthenticated Stored Cross-Site Scripting via the wwa_auth AJAX endpoint due to insufficient input sanitization and output escaping on user-supplied attributes logged by the plugin. Thi...

iThemes Security SQL Injection Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform using PHP language development, the platform supports in PHP and MySQL servers to set up a personal blog site. iThemes Security better-wp-security plugin is used in one of the intrusion of a website for protection of the...

WordPress iThemes Security Information Disclosure Vulnerability

WordPress is a blogging platform developed by the WordPress Software Foundation using the PHP language, which supports setting up personal blog sites on PHP and MySQL servers. iThemes Security plugin is a security plugin used in it. A security vulnerability exists in WordPress iThemes Security...

Fedora 18 : viewvc-1.1.17-2.fc18 (2012-16646)

Patch CVE-2012-4533. Version 1.1.16 - security fix: escape 'extra' diff info to avoid XSS attack issue 515 - add 'binarymimetypes' configuration option and handling issue 510 - fix 'select for diffs' persistence across log pages issue 512 - remove lock status and filesize check on directories in...

CVE-2007-6460

Multiple cross-site scripting XSS vulnerabilities in Anon Proxy Server before 0.101 allow remote attackers to inject arbitrary web script or HTML via the URI, which is later displayed by 1 log.php or 2 logerror.php, a different vulnerability than CVE-2007-6459...