CVE-2025-12651

The Live Photos on WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'videosrc', 'imgsrc', and 'class' parameters in the livephotosphoto shortcode in all versions up to, and including, 0.1. This is due to insufficient input sanitization and output escaping on...

EUVD-2025-60921

The Live Photos on WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'videosrc', 'imgsrc', and 'class' parameters in the livephotosphoto shortcode in all versions up to, and including, 0.1. This is due to insufficient input sanitization and output escaping on...

CVE-2025-12651

CVE-2025-12651 describes a stored cross-site scripting (XSS) vulnerability in the WordPress plugin Live Photos on WordPress . The flaw arises from insufficient input sanitization and output escaping for user-supplied attributes in the shortcode livephotos_photo, specifically the parameters video_...

PT-2025-46284

Name of the Vulnerable Software and Affected Versions Live Photos on WordPress plugin versions prior to 0.1 Description The Live Photos on WordPress plugin for WordPress is susceptible to Stored Cross-Site Scripting. This is due to insufficient input sanitization and output escaping on...

WordPress plugin Live Photos on WordPress 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

EUVD-2015-4637

Malware in sbrugna...

CVE-2024-22158 WordPress PeepSo Core: Photos Plugin < 6.3.1.0 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PeepSo Community by PeepSo – Social Network, Membership, Registration, User Profiles allows Stored XSS.This issue affects Community by PeepSo – Social Network, Membership, Registration, User...

CVE-2024-22158 WordPress PeepSo Core: Photos Plugin < 6.3.1.0 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PeepSo Community by PeepSo – Social Network, Membership, Registration, User Profiles allows Stored XSS.This issue affects Community by PeepSo – Social Network, Membership, Registration, User...

CVE-2015-10126 Easy2Map Photos Plugin sql injection

A vulnerability classified as critical was found in Easy2Map Photos Plugin 1.0.1 on WordPress. This vulnerability affects unknown code. The manipulation leads to sql injection. The attack can be initiated remotely. Upgrading to version 1.1.0 is able to address this issue. The patch is identified ...

CVE-2015-10126

The CVE-2015-10126 vulnerability affects Easy2Map Photos Plugin for WordPress (plugin version 1.0.1). The issue is a SQL injection caused by unknown code within the plugin, with remote execution possible. Upgrading to version 1.1.0 addresses the flaw (patch 503d9ee2482d27c065f78d9546f076a40618990...