CVE-2026-2936

The Visitor Traffic Real Time Statistics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'pagetitle' parameter in all versions up to, and including, 8.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

CVE-2026-2936 Visitor Traffic Real Time Statistics <= 8.4 - Unauthenticated Stored Cross-Site Scripting

The Visitor Traffic Real Time Statistics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'pagetitle' parameter in all versions up to, and including, 8.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

EUVD-2017-7099

Malware in sbrugna...

CVE-2022-30863

FUDForum 3.1.2 is vulnerable to Cross Site Scripting XSS via pagetitle param in Page Manager in the Admin Control Panel...

CVE-2017-15648

In PHPSUGAR PHP Melody before 2.7.3, pagemanager.php has XSS via the pagetitle parameter...

CVE-2012-2629

Multiple cross-site request forgery CSRF and cross-site scripting XSS vulnerabilities in Axous 1.1.1 and earlier allow remote attackers to hijack the authentication of administrators for requests that 1 add an administrator account via an addnew action to admin/administratorsadd.php; or 2 conduct...

CVE-2017-15648

In PHPSUGAR PHP Melody before 2.7.3, pagemanager.php has XSS via the pagetitle parameter...

ShareTronix 1.0.4 Cross Site Scripting

ShareTronix - HTML Injection Vulnerability Version Affected: 1.0.4 newest Info: Sharetronix Opensource is a multimedia microblogging platform. It helps people in a community, company, or group to exchange short messages over the Web. Credits: MaXe from InterN0T patched the vulnerability & Reelix...