WordPress plugin NEX-Forms 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2025-49932

Name of the Vulnerable Software and Affected Versions Rencontre versions through 3.13.7 Description The software contains a flaw due to improper neutralization of input during web page generation, which allows for Stored Cross-site Scripting XSS. This means that malicious code can be injected int...

EUVD-2025-11568

Malicious code in bioql PyPI...

EUVD-2025-11115

Malicious code in bioql PyPI...

EUVD-2025-9820

Malicious code in bioql PyPI...

EUVD-2025-7965

Malicious code in bioql PyPI...

EUVD-2025-3570

Malicious code in bioql PyPI...

EUVD-2024-53022

Malicious code in bioql PyPI...

EUVD-2024-40818

Malicious code in bioql PyPI...

EUVD-2023-56374

Malicious code in bioql PyPI...

EUVD-2024-36544

Malicious code in bioql PyPI...

EUVD-2024-36439

Malicious code in bioql PyPI...

EUVD-2024-35061

Malicious code in bioql PyPI...

EUVD-2024-45850

Malicious code in bioql PyPI...

CVE-2025-55714

CVE-2025-55714 is a stored XSS in Crocoblock JetElements for Elementor (JetElements) up to version 2.7.9. The issue arises from improper neutralization of input during web page generation, enabling stored cross-site scripting. Affected product: JetElements for Elementor (WordPress plugin). Root c...

CVE-2025-7716 Real-time SEO for Drupal - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-091

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Real-time SEO for Drupal allows Cross-Site Scripting XSS.This issue affects Real-time SEO for Drupal: from 2.0.0 before 2.2.0...

PT-2025-29814 · Unknown · Kingdom Creation Media Folder

Name of the Vulnerable Software and Affected Versions: Kingdom Creation Media Folder versions through 1.0.0 Description: The software contains a cross-site scripting issue due to improper neutralization of input during web page generation. This allows for reflected cross-site scripting XSS...

PT-2025-27916 · Codepeople · Codepeople Booking Calendar Contact Form

Name of the Vulnerable Software and Affected Versions: codepeople Booking Calendar Contact Form versions 1.2.58 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means tha...

CVE-2024-43993

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in CryoutCreations Liquido allows Stored XSS.This issue affects Liquido: from n/a through 1.0.1.2...

CVE-2024-43995

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in sonalsinha21 Posterity allows Stored XSS.This issue affects Posterity: from n/a through 3.6...