EUVD-2025-2841

Malicious code in bioql PyPI...

EUVD-2025-2842

Malicious code in bioql PyPI...

CVE-2025-22563

Cross-Site Request Forgery CSRF vulnerability in faaiq Pretty Url pretty-url allows Cross Site Request Forgery.This issue affects Pretty Url: from n/a through = 1.5.5...

CVE-2023-2009

Plugin does not sanitize and escape the URL field in the Pretty Url WordPress plugin through 1.5.4 settings, which could allow high-privilege users to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2025-22564

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in faaiq Pretty Url pretty-url allows Reflected XSS.This issue affects Pretty Url: from n/a through = 1.5.4...

CVE-2025-22564

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in faaiq Pretty Url pretty-url allows Reflected XSS.This issue affects Pretty Url: from n/a through = 1.5.4...

CVE-2025-22564 WordPress Pretty Url Plugin <= 1.5.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in faaiq Pretty Url pretty-url allows Reflected XSS.This issue affects Pretty Url: from n/a through = 1.5.4...

CVE-2025-22564 WordPress Pretty Url Plugin <= 1.5.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in faaiq Pretty Url pretty-url allows Reflected XSS.This issue affects Pretty Url: from n/a through = 1.5.4...

PT-2025-4555 · Unknown · Faaiq Pretty Url

Name of the Vulnerable Software and Affected Versions: Faaiq Pretty Url versions 1.5.4 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means an attacker can inject...

WordPress plugin Pretty Url 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabili...

CVE-2025-22563

Cross-Site Request Forgery CSRF vulnerability in faaiq Pretty Url pretty-url allows Cross Site Request Forgery.This issue affects Pretty Url: from n/a through = 1.5.5...

WordPress Pretty Url Plugin <= 1.5.4 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by thiennv Patchstack Alliance in WordPress Plugin Pretty Url versions = 1.5.4...

WordPress plugin Pretty Url 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forgery...

PT-2025-4554 · Unknown · Faaiq Pretty Url

Name of the Vulnerable Software and Affected Versions: Faaiq Pretty Url versions 1.5.4 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Cross Site Request Forgery. Recommendations: For versions 1.5.4 and earlier, update to a version that fixes this...

CVE-2023-2009

Plugin does not sanitize and escape the URL field in the Pretty Url WordPress plugin through 1.5.4 settings, which could allow high-privilege users to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

Cross site scripting

Plugin does not sanitize and escape the URL field in the Pretty Url WordPress plugin through 1.5.4 settings, which could allow high-privilege users to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2023-2009 Pretty Url <= 1.5.4 - Admin+ Stored XSS in plugin settings

Plugin does not sanitize and escape the URL field in the Pretty Url WordPress plugin through 1.5.4 settings, which could allow high-privilege users to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2023-2009

The CVE-2023-2009 entry concerns the Pretty Url WordPress plugin, affected up to version 1.5.4. The vulnerability stems from the plugin’s failure to sanitize and escape the URL field in its settings, enabling stored XSS by high-privilege authenticated users, even when unfiltered_html is disallowe...

CVE-2023-2009 Pretty Url <= 1.5.4 - Admin+ Stored XSS in plugin settings

Plugin does not sanitize and escape the URL field in the Pretty Url WordPress plugin through 1.5.4 settings, which could allow high-privilege users to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

WordPress plugin URL field in the Pretty Url 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...