CVE-2025-11926 Related Posts Lite <= 1.12 - Authenticated (Admin+) Stored Cross-Site Scripting

The Related Posts Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissio...

EUVD-2018-12725

Malware in sbrugna...

EUVD-2021-12000

Malware in sbrugna...

EUVD-2012-4357

Malware in sbrugna...

EUVD-2015-1130

Malware in sbrugna...

EUVD-2010-5256

Malware in sbrugna...

EUVD-2014-4918

Malware in sbrugna...

EUVD-2012-1666

Malware in sbrugna...

EUVD-2008-5306

Malware in sbrugna...

EUVD-2020-20524

Malware in sbrugna...

EUVD-2010-5255

Malware in sbrugna...

EUVD-2012-3355

Malware in sbrugna...

EUVD-2017-14597

Malware in sbrugna...

EUVD-2016-1935

Malware in sbrugna...

CVE-2025-59337

Discourse is an open-source community discussion platform. In versions 3.5.0 and below, malicious meta-commands could be embedded in a backup dump and executed during restore. In multisite setups, this allowed an admin of one site to access data or credentials from other sites. This issue is fixe...

BIT-DISCOURSE-2025-59337 Discourse: Cross-Site Data Exposure via Backup Restore Metacommand Injection in Multisite Deployments

Discourse is an open-source community discussion platform. In versions 3.5.0 and below, malicious meta-commands could be embedded in a backup dump and executed during restore. In multisite setups, this allowed an admin of one site to access data or credentials from other sites. This issue is fixe...

CVE-2025-9333

The Smart Docs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and...

CVE-2025-10053

The TableGen – Data Table Generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2025-9372

The Ultimate Multi Design Video Carousel plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level access, to inject...

CVE-2025-9332

The Interactive Human Anatomy with Clickable Body Parts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wi...