6 matches found
CVE-2025-13604
The Login Security, FireWall, Malware removal by CleanTalk plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the page URL in all versions up to, and including, 2.168 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attacker...
PT-2024-34835 · Unknown · Cf7 Wow Styler
Name of the Vulnerable Software and Affected Versions: CF7 WOW Styler versions 1.6.8 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows Reflected XSS, which can be exploited...
CVE-2024-2749
The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.6.8's access control mechanism fails to properly restrict access to its settings, permitting any users that can access a menu to manipulate requests and perform unauthorized actions such as editing, renaming or deleting categorie...
CVE-2024-32598
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Booking Algorithms BA Book Everything allows Stored XSS.This issue affects BA Book Everything: from n/a through 1.6.8...
WordPress plugin New Adman 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
2017-10 Preview of Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB4041686)
2017-10 Preview of Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems KB4041686...