WordPress Markup Markdown plugin < 3.20.10 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin Markup Markdown versions 3.20.10...

EUVD-2025-30406

Malicious code in bioql PyPI...

EUVD-2025-25288

Malicious code in bioql PyPI...

CVE-2025-9540

The Markup Markdown WordPress plugin before 3.20.10 allows links to contain JavaScript which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2025-9541

The Markup Markdown WordPress plugin before 3.20.10 allows links to contain JavaScript which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

WordPress Markup Markdown plugin < 3.20.10 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by minseok Kim in WordPress Plugin Markup Markdown versions 3.20.10...

CVE-2025-9541

The Markup Markdown WordPress plugin before 3.20.10 allows links to contain JavaScript which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2025-9540

The Markup Markdown WordPress plugin before 3.20.10 allows links to contain JavaScript which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2025-9541 Markup Markdown < 3.20.10 - Contributor+ Stored XSS

The Markup Markdown WordPress plugin before 3.20.10 allows links to contain JavaScript which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2025-9541 Markup Markdown < 3.20.10 - Contributor+ Stored XSS

The Markup Markdown WordPress plugin before 3.20.10 allows links to contain JavaScript which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2025-9541

CVE-2025-9541 affects the WordPress plugin Markup Markdown (versions before 3.20.10). The issue allows JavaScript in links, enabling Stored XSS for users with contributor role and above. Patchstack/Red Hat/NVD entries confirm the vulnerability and an update to 3.20.10 as the fix; apply the 3.20.1...

CVE-2025-9540 Markup Markdown < 3.20.10 - Contributor+ Stored XSS

The Markup Markdown WordPress plugin before 3.20.10 allows links to contain JavaScript which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2025-9540 Markup Markdown < 3.20.10 - Contributor+ Stored XSS

The Markup Markdown WordPress plugin before 3.20.10 allows links to contain JavaScript which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2025-9540

CVE-2025-9540 affects the WordPress plugin Markup Markdown up to version 3.20.9. The issue allows links to contain JavaScript, enabling Stored XSS for users with the Contributor role or higher. The CVSS 3.1 base score is 4.7 (Impact/Integrity/Availability Low). A fix is available in version 3.20....

WordPress plugin Markup Markdown 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

WordPress plugin Markup Markdown 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

PT-2025-38691

Name of the Vulnerable Software and Affected Versions Markup Markdown WordPress plugin versions prior to 3.20.10 Description The plugin allows links to contain JavaScript, potentially enabling users with contributor or higher roles to execute Stored Cross-Site Scripting attacks. Recommendations...

PT-2025-38692

Name of the Vulnerable Software and Affected Versions Markup Markdown WordPress plugin versions prior to 3.20.10 Description The plugin allows links to contain JavaScript, potentially enabling users with contributor or higher roles to carry out Stored Cross-Site Scripting attacks. Recommendations...

CVE-2025-49420

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themepassion Ultra Portfolio ultra-portfolio allows Reflected XSS.This issue affects Ultra Portfolio: from n/a through = 6.7...

CVE-2025-49420

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themepassion Ultra Portfolio ultra-portfolio allows Reflected XSS.This issue affects Ultra Portfolio: from n/a through = 6.7...