CVE-2015-10119

A vulnerability, which was classified as problematic, has been found in View All Posts Page Plugin up to 0.9.0 on WordPress. This issue affects the function actionadminnoticesactivation of the file view-all-posts-pages.php. The manipulation leads to cross site scripting. The attack may be initiat...

CVE-2005-1817

Invision Power Board IPB 1.0 through 1.3 allows remote attackers to edit arbitrary forum posts via a direct request to index.php with modified parameters...

CVE-2006-7188

The search function in cgi-lib/user-lib/search.pl in web-app.net WebAPP before 20060909 allows remote attackers to read internal forum posts via certain requests, possibly related to the $info'forum' variable...

CVE-2025-46263

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Lloyd Saunders Author Box After Posts author-box-after-posts allows Stored XSS.This issue affects Author Box After Posts: from n/a through = 1.6...

CVE-2025-39374

Cross-Site Request Forgery CSRF vulnerability in aseem1234 Best Posts Summary best-posts-summary allows Stored XSS.This issue affects Best Posts Summary: from n/a through = 1.0...

CVE-2025-39369

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sihibbs Posts for Page posts-for-page allows DOM-Based XSS.This issue affects Posts for Page: from n/a through = 2.1...

CVE-2025-3750

The CVE CVE-2025-3750 affects the WordPress plugin Network Posts Extended (versions up to and including 7.7.1). It describes a Stored Cross-Site Scripting (Stored XSS) via the post_height parameter caused by insufficient input sanitization and output escaping. Exploitation requires authentication...

CVE-2025-37899

creationtimestamp| type| source ---|---|--- 2025-05-21 08:47:52+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/17104 2025-05-22 11:21:06+00:00| seen| https://bsky.app/profile/bluesky.awakari.com/post/3lpqyqrgb452s 2025-05-22 11:21:41+00:00| seen|...

WordPress plugin Network Posts Extended 跨站脚本漏洞

WordPress Network Posts Extended is a WordPress plugin that enhances post publishing and management on WordPress websites. A cross-site scripting vulnerability exists in WordPress Network Posts Extended. The vulnerability stems from insufficient input cleanup and escaping of the postheight...

PT-2025-22333 · WordPress · Network Posts Extended

Name of the Vulnerable Software and Affected Versions: The Network Posts Extended plugin for WordPress versions up to, and including, 7.7.1 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping. This allows authenticated...

WordPress Network Posts Extended plugin <= 7.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via post_height Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via postheight Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin Posts Extended versions = 7.7.1...

CVE-2025-41226

creationtimestamp| type| source ---|---|--- 2025-05-20 14:48:22+00:00| seen| https://bsky.app/profile/andersonc0d3.bsky.social/post/3lpmdfkawoc2w 2025-05-20 14:48:25+00:00| seen| https://infosec.exchange/users/andersonc0d3/statuses/114540708203094327 2025-05-20 14:54:00+00:00| seen|...

CVE-2025-3079

creationtimestamp| type| source ---|---|--- 2025-05-20 00:10:11+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lpksd26u73v2 2025-05-20 00:43:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lpku6jj7o32j...

CVE-2025-46263

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Lloyd Saunders Author Box After Posts author-box-after-posts allows Stored XSS.This issue affects Author Box After Posts: from n/a through = 1.6...

CVE-2025-39374

Cross-Site Request Forgery CSRF vulnerability in aseem1234 Best Posts Summary best-posts-summary allows Stored XSS.This issue affects Best Posts Summary: from n/a through = 1.0...

CVE-2025-39369

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sihibbs Posts for Page posts-for-page allows DOM-Based XSS.This issue affects Posts for Page: from n/a through = 2.1...

CVE-2025-46263

CVE-2025-46263 : Stored XSS in WordPress plugin “Author Box After Posts” (versions up to and including 1.6). Root cause: improper input neutralization during web page generation. Impact is described as Cross-Site Scripting with potential user data exposure and site compromise; CVSS 3.1 base score...

CVE-2025-46263 WordPress Author Box After Posts plugin <= 1.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Lloyd Saunders Author Box After Posts author-box-after-posts allows Stored XSS.This issue affects Author Box After Posts: from n/a through = 1.6...

CVE-2025-46263 WordPress Author Box After Posts plugin <= 1.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Lloyd Saunders Author Box After Posts allows Stored XSS.This issue affects Author Box After Posts: from n/a through 1.6...

CVE-2025-39374 WordPress Best Posts Summary plugin <= 1.0 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in aseem1234 Best Posts Summary best-posts-summary allows Stored XSS.This issue affects Best Posts Summary: from n/a through = 1.0...