21 matches found
EUVD-2021-1983
Malware in sbrugna...
EUVD-2025-5670
Malicious code in bioql PyPI...
CVE-2020-23700
Cross Site Scripting XSS vulnerability in LavaLite-CMS 5.8.0 via the Menu Links feature...
CVE-2025-23881
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in littlejon LJ Custom Menu Links lj-custom-menu-links allows Reflected XSS.This issue affects LJ Custom Menu Links: from n/a through = 2.5...
CVE-2025-23881
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in littlejon LJ Custom Menu Links lj-custom-menu-links allows Reflected XSS.This issue affects LJ Custom Menu Links: from n/a through = 2.5...
CVE-2025-23881 WordPress LJ Custom Menu Links Plugin <= 2.5 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in littlejon LJ Custom Menu Links lj-custom-menu-links allows Reflected XSS.This issue affects LJ Custom Menu Links: from n/a through = 2.5...
CVE-2025-23881
CVE-2025-23881 concerns the WordPress plugin LJ Custom Menu Links (versions
DRUPAL-CONTRIB-2024-011
The Coffee module helps you to navigate through the Drupal admin menus faster with a shortcut popup. The module doesn't sufficiently escape menu names when displaying them in the popup, thereby exposing a XSS vulnerability. This vulnerability is mitigated by the fact that an attacker must have a...
GHSA-592V-7FRM-H44Q Cross-site scripting in LavaLite-CMS
Cross Site Scripting XSS vulnerability in LavaLite-CMS 5.8.0 via the Menu Links feature...
Cross-site scripting in LavaLite-CMS
Cross Site Scripting XSS vulnerability in LavaLite-CMS 5.8.0 via the Menu Links feature...
Cross Site Scripting (XSS)
lavalite/cms is vulnerable to cross-site scripting. An attacker is able to inject and execute malicious script via Menu Links feature...
CVE-2020-23700
Cross Site Scripting XSS vulnerability in LavaLite-CMS 5.8.0 via the Menu Links feature...
CVE-2020-23700
Cross Site Scripting XSS vulnerability in LavaLite-CMS 5.8.0 via the Menu Links feature...
Cross site scripting
Cross Site Scripting XSS vulnerability in LavaLite-CMS 5.8.0 via the Menu Links feature...
CVE-2020-23700
Cross Site Scripting XSS vulnerability in LavaLite-CMS 5.8.0 via the Menu Links feature...
CVE-2020-23700
CVE-2020-23700 affects LavaLite-CMS 5.8.0, with a Cross-Site Scripting (XSS) vulnerability exposed via the Menu Links feature. The issue is documented across multiple feeds (NVD, Red Hat advisory, OSV, GHSA, CNVD, Veracode, etc.), consistently describing user-controllable script execution through...
Sql injection
In Backdrop CMS 1.12.x before 1.12.8 and 1.13.x before 1.13.3, some menu links within the administration bar may be crafted to execute JavaScript when the administrator is logged in and uses the search functionality. This issue is mitigated by the attacker needing permissions to create...
DRUPAL-CONTRIB-2019-050
This module enables you to handle fields for Custom Menu Links. The module doesn't sufficiently check requests to one of the module controllers if the user has permission 'administer menu'. This vulnerability is mitigated by the fact that an attacker must have a role with the permission to create...
Shopify: Stored XSS Deleting Menu Links in the Shopify Admin
Hello Team, I found a stored xss issue. PoC unlisted: https://youtu.be/MjnKyFgqTTo watch my PoC than you'll understood everything. Payloads: // " Looks Like this issue available at " Title in Add menu " and also available at "Title" in " Menu Item " Mirror: https://azizvai.myshopify.com/ Thanks...
Drupal Menu Links Information Disclosure Vulnerability
Drupal is a free and open source content management system developed in PHP. A security vulnerability exists in Drupal Menu Links that allows remote attackers to exploit the vulnerability to submit special requests to obtain sensitive information...