EUVD-2025-7963

Malicious code in bioql PyPI...

CVE-2025-30533

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gopiplus Message ticker message-ticker allows Stored XSS.This issue affects Message ticker: from n/a through = 9.3...

CVE-2025-30533

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gopiplus Message ticker message-ticker allows Stored XSS.This issue affects Message ticker: from n/a through = 9.3...

CVE-2025-30533 WordPress Message ticker plugin <= 9.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gopiplus Message ticker message-ticker allows Stored XSS.This issue affects Message ticker: from n/a through = 9.3...

CVE-2025-30533 WordPress Message ticker plugin <= 9.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gopiplus Message ticker message-ticker allows Stored XSS.This issue affects Message ticker: from n/a through = 9.3...

CVE-2025-30533

CVE-2025-30533 is an authenticated stored XSS vulnerability in the WordPress plugin Message ticker (version ≤ 9.3). The vulnerability allows an attacker with Administrator+ privileges to inject malicious script through input during web page generation, leading to stored Cross-Site Scripting. The ...

WordPress Message ticker plugin <= 9.3 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin Message ticker versions = 9.3...

WordPress plugin Message ticker 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

Message ticker < 9.3 - Authenticated (Subscriber+) SQL Injection via Shortcode

Description The Message ticker plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 9.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

CVE-2023-5433

The Message ticker plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 9.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticate...

Sql injection

The Message ticker plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 9.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticate...

CVE-2023-5433

CVE-2023-5433 affects the WordPress Message ticker plugin up to version 9.2. The root cause is insufficient escaping of user-supplied shortcode parameters and inadequate preparation of the SQL query, enabling authenticated attackers with subscriber-level or higher permissions to inject additional...

CVE-2023-5433 Message ticker <= 9.2 - Authenticated (Subscriber+) SQL Injection via Shortcode

The Message ticker plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 9.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticate...

CVE-2023-5433 Message ticker <= 9.2 - Authenticated (Subscriber+) SQL Injection via Shortcode

The Message ticker plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 9.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticate...

WordPress Plugin Message ticker SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

WordPress Message ticker Plugin <= 9.2 is vulnerable to SQL Injection

Software Message ticker Type Plugin Vulnerable versions = 9.2 Fixed in 9.3 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-5433 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 7c80f52b28f8 Credits István Márton Required privilege Contributor Published ...