CVE-2025-69089

CVE-2025-69089 is a Stored XSS vulnerability affecting the WordPress plugin Auto Listings (Car Listings & Car Dealership Plugin). The Wordfence entry confirms authenticated attackers can exploit improper input handling in web page generation to trigger Stored Cross-Site Scripting, impacting Auto ...

EUVD-2022-49621

Malicious code in bioql PyPI...

CVE-2022-46838

CVE-2022-46838 affects the WordPress plugin JS Help Desk – Best Help Desk & Support Plugin, versions prior to 2.7.1. The issue is a Missing Authorization vulnerability due to an incorrectly configured access control security level, enabling unauthenticated users to perform settings changes. Impac...

WordPress plugin Tutor LMS security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2023-23707

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting', Unrestricted Upload of File with Dangerous Type vulnerability in Awsm Innovations Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files allows Stored XSS via upload of SVG and HTML files. This issue...