18 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-59057
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - React Router is a router for React. In @remix-run/react versions 1.15.0 through 2.17.0. and react-router versions 7.0.0 through 7.8.2, a XSS vulnerability exist...
CVE-2025-59057 React Router has XSS Vulnerability
React Router is a router for React. In @remix-run/react versions 1.15.0 through 2.17.0. and react-router versions 7.0.0 through 7.8.2, a XSS vulnerability exists in in React Router's meta/ APIs in Framework Mode when generating script:ld+json tags which could allow arbitrary JavaScript execution...
CVE-2025-59057 React Router has XSS Vulnerability
React Router is a router for React. In @remix-run/react versions 1.15.0 through 2.17.0. and react-router versions 7.0.0 through 7.8.2, a XSS vulnerability exists in in React Router's meta/ APIs in Framework Mode when generating script:ld+json tags which could allow arbitrary JavaScript execution...
CVE-2025-59057 React Router has XSS Vulnerability
React Router is a router for React. In @remix-run/react versions 1.15.0 through 2.17.0. and react-router versions 7.0.0 through 7.8.2, a XSS vulnerability exists in in React Router's meta/ APIs in Framework Mode when generating script:ld+json tags which could allow arbitrary JavaScript execution...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Meta API in Framework Mode when generating script:ld+json tags during server-side rendering with untrusted content. An attacker can execute arbitrary JavaScript code by injecting malicious input into the...
GHSA-3CGP-3XVW-98X8 React Router has XSS Vulnerability
A XSS vulnerability exists in in React Router's meta/ APIs in Framework Mode when generating script:ld+json tags which could allow arbitrary JavaScript execution during SSR if untrusted content is used to generate the tag. !NOTE This does not impact applications using Declarative Mode or Data Mod...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Meta API in Framework Mode when generating script:ld+json tags during server-side rendering with untrusted content. An attacker can execute arbitrary JavaScript code by injecting malicious input into the...
React Router has XSS Vulnerability
A XSS vulnerability exists in in React Router's meta/ APIs in Framework Mode when generating script:ld+json tags which could allow arbitrary JavaScript execution during SSR if untrusted content is used to generate the tag. !NOTE This does not impact applications using Declarative Mode or Data Mod...
EUVD-2025-205634
The PixelYourSite plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 11.1.5 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files...
CVE-2025-14280
The PixelYourSite plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 11.1.5 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files...
CVE-2025-14280
The CVE concerns the WordPress PixelYourSite plugin. All versions up to 11.1.5 expose sensitive information via publicly accessible log files when the Meta API logs setting is enabled (default disabled). Unauthenticated attackers could read potentially sensitive data from those logs. A partial pa...
CVE-2025-14280 PixelYourSite <= 11.1.5 - Sensitive Information Exposure via Log File
The PixelYourSite plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 11.1.5 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files...
PT-2025-53777
Name of the Vulnerable Software and Affected Versions PixelYourSite versions up to and including 11.1.5 Description The PixelYourSite plugin for WordPress is susceptible to sensitive information disclosure through publicly exposed log files. An unauthenticated attacker may be able to view...
MAL-2025-48851 Malicious code in meta-api-boostx-v2-pro (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in meta-api-boostx-v2-pro (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in meta_api (npm)
The package metaapi was found to contain malicious code...
MAL-2025-1897 Malicious code in meta-api-client (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in meta-api-client (npm)
--- -= Per source details. Do not edit below this line.=-...