9 matches found
CVE-2026-33035
WWBN AVideo is an open source video platform. In versions 25.0 and below, there is a reflected XSS vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript in a victim's browser. User input from a URL parameter flows through PHP's jsonencode into a JavaScript function...
CVE-2026-33035
WWBN AVideo is an open source video platform. In versions 25.0 and below, there is a reflected XSS vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript in a victim's browser. User input from a URL parameter flows through PHP's jsonencode into a JavaScript function...
CVE-2019-25150
The Email Templates plugin for WordPress is vulnerable to HTML Injection in versions up to, and including, 1.3. This makes it possible for attackers to present phishing forms or conduct cross-site request forgery attacks against site administrators...
XWiki Commons 跨站脚本漏洞
XWiki Commons is a technology library shared by several other top-level XWiki projects of the French XWiki Foundation. A cross-site scripting vulnerability exists in XWiki Commons versions 9.6-rc-1 through 14.10.6 and 15.0-rc-1 through 15.2-rc-1, which stems from the inclusion of HTML cleaners in...
CVE-2019-25150
The Email Templates plugin for WordPress is vulnerable to HTML Injection in versions up to, and including, 1.3. This makes it possible for attackers to present phishing forms or conduct cross-site request forgery attacks against site administrators...
CVE-2019-25150
The Email Templates plugin for WordPress is vulnerable to HTML Injection in versions up to, and including, 1.3. This makes it possible for attackers to present phishing forms or conduct cross-site request forgery attacks against site administrators...
Cross site request forgery (csrf)
The Email Templates plugin for WordPress is vulnerable to HTML Injection in versions up to, and including, 1.3. This makes it possible for attackers to present phishing forms or conduct cross-site request forgery attacks against site administrators...
CVE-2019-25150 Email Templates <= 1.3 - HTML Injection
The Email Templates plugin for WordPress is vulnerable to HTML Injection in versions up to, and including, 1.3. This makes it possible for attackers to present phishing forms or conduct cross-site request forgery attacks against site administrators...
PT-2023-11377 · WordPress · Email Templates
Name of the Vulnerable Software and Affected Versions: Email Templates plugin for WordPress versions up to and including 1.3 Description: The issue allows attackers to perform HTML Injection, enabling them to present phishing forms or conduct cross-site request forgery attacks against site...