22 matches found
EUVD-2024-50988
Malicious code in bioql PyPI...
EUVD-2025-11103
Malicious code in bioql PyPI...
EUVD-2025-9142
Malicious code in bioql PyPI...
CVE-2024-12598
The MyBookProgress by Stormhill Media plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘book’ parameter in all versions up to, and including, 1.0.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-30982
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in zookatron MyBookProgress by Stormhill Media mybookprogress allows Stored XSS.This issue affects MyBookProgress by Stormhill Media: from n/a through = 1.0.8...
CVE-2025-30982
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in zookatron MyBookProgress by Stormhill Media mybookprogress allows Stored XSS.This issue affects MyBookProgress by Stormhill Media: from n/a through = 1.0.8...
CVE-2025-30982 WordPress MyBookProgress by Stormhill Media plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in zookatron MyBookProgress by Stormhill Media mybookprogress allows Stored XSS.This issue affects MyBookProgress by Stormhill Media: from n/a through = 1.0.8...
CVE-2025-30982 WordPress MyBookProgress by Stormhill Media plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in zookatron MyBookProgress by Stormhill Media mybookprogress allows Stored XSS.This issue affects MyBookProgress by Stormhill Media: from n/a through = 1.0.8...
CVE-2025-30982
CVE-2025-30982 is a stored XSS in WordPress plugin MyBookProgress by Stormhill Media (affected: MyBookProgress
WordPress plugin MyBookProgress by Stormhill Media 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...
CVE-2025-31887
Missing Authorization vulnerability in zookatron MyBookProgress by Stormhill Media mybookprogress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MyBookProgress by Stormhill Media: from n/a through = 1.0.8...
WordPress MyBookProgress by Stormhill Media plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin MyBookProgress by Stormhill Media versions = 1.0.8...
CVE-2025-31887
Missing Authorization vulnerability in zookatron MyBookProgress by Stormhill Media mybookprogress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MyBookProgress by Stormhill Media: from n/a through = 1.0.8...
CVE-2025-31887 WordPress MyBookProgress plugin <= 1.0.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in zookatron MyBookProgress by Stormhill Media allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects MyBookProgress by Stormhill Media: from n/a through 1.0.8...
WordPress plugin MyBookProgress by Stormhill Media 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
CVE-2024-12598
The MyBookProgress by Stormhill Media plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘book’ parameter in all versions up to, and including, 1.0.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2024-12598 MyBookProgress by Stormhill Media <= 1.0.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via book Parameter
The MyBookProgress by Stormhill Media plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘book’ parameter in all versions up to, and including, 1.0.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2024-12598 MyBookProgress by Stormhill Media <= 1.0.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via book Parameter
The MyBookProgress by Stormhill Media plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘book’ parameter in all versions up to, and including, 1.0.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2024-12598
The CVE-2024-12598 affects the MyBookProgress by Stormhill Media WordPress plugin. It is a Stored XSS in the book parameter on all versions up to 1.0.8 due to insufficient input sanitization and output escaping. Exploitation requires authentication at Contributor level or higher; an attacker can ...
PT-2025-1908 · Stormhill Media · Mybookprogress
The MyBookProgress plugin for WordPress, developed by Stormhill Media, is susceptible to Stored Cross-Site Scripting XSS attacks due to inadequate input sanitization and output escaping. This issue affects all versions up to and including 1.0.8, specifically through the 'book' parameter...