CVE-2025-23892 WordPress Progress Tracker plugin <= 0.9.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alex Furr Progress Tracker progress-tracker allows DOM-Based XSS.This issue affects Progress Tracker: from n/a through = 0.9.3...

CVE-2025-23892 WordPress Progress Tracker plugin <= 0.9.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alex Furr Progress Tracker progress-tracker allows DOM-Based XSS.This issue affects Progress Tracker: from n/a through = 0.9.3...

CVE-2025-23892

CVE-2025-23892 affects Progress Tracker (WordPress plugin). Description from connected sources confirms a DOM-based XSS flaw caused by improper input neutralization, affecting Progress Tracker versions up to 0.9.3. Red Hat and Wordfence entries corroborate the vulnerability and indicate the patch...

Exploit for OS Command Injection in Paloaltonetworks Pan-Os

Palo Alto PAN-OS Exploit PoC - CVE-2024-0012 & CVE-2024-9474 T...

WordPress CC Circle Progress Bar plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin CC Circle Progress Bar versions = 1.0.0...

WordPress Progress Tracker plugin <= 0.9.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin Progress Tracker versions = 0.9.3...

WordPress plugin CC Circle Progress Bar 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

WordPress plugin Progress Tracker 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-5175 · Unknown · Progress Tracker

Name of the Vulnerable Software and Affected Versions: Progress Tracker versions 0.9.3 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based XSS. This means that an attacker could potentially inject malicious scrip...

BIT-PHP-MIN-2020-7062 Null Pointer Dereference in PHP Session Upload Progress

In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when using file upload functionality, if upload progress tracking is enabled, but session.uploadprogress.cleanup is set to 0 disabled, and the file upload fails, the upload procedure would try to clean up data that does...

Progress WhatsUp Gold SnmpExtendedActiveMonitor path traversal vulnerability

Talos Vulnerability Report TALOS-2024-2089 Progress WhatsUp Gold SnmpExtendedActiveMonitor path traversal vulnerability January 8, 2025 CVE Number CVE-2024-12105 SUMMARY A path traversal vulnerability exists in the handling of SnmpExtendedActiveMonitor requests in Progress WhatsUp Gold 24.0.1 Bui...

CVE-2024-11625

Information Exposure Through an Error Message vulnerability in Progress Software Corporation Sitefinity.This issue affects Sitefinity: from 4.0 through 14.4.8142, from 15.0.8200 through 15.0.8229, from 15.1.8300 through 15.1.8327, from 15.2.8400 through 15.2.8421...

CVE-2024-11626

Improper Neutralization of Input During CMS Backend adminstrative section Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Progress Sitefinity.This issue affects Sitefinity: from 4.0 through 14.4.8142, from 15.0.8200 through 15.0.8229, from 15.1.8300 through 15.1.8327, from...

CVE-2024-11625

Information Exposure Through an Error Message vulnerability in Progress Software Corporation Sitefinity.This issue affects Sitefinity: from 4.0 through 14.4.8142, from 15.0.8200 through 15.0.8229, from 15.1.8300 through 15.1.8327, from 15.2.8400 through 15.2.8421...

CVE-2024-11627

: Insufficient Session Expiration vulnerability in Progress Sitefinity allows : Session Fixation.This issue affects Sitefinity: from 4.0 through 14.4.8142, from 15.0.8200 through 15.0.8229, from 15.1.8300 through 15.1.8327, from 15.2.8400 through 15.2.8421...

CVE-2024-11627

: Insufficient Session Expiration vulnerability in Progress Sitefinity allows : Session Fixation.This issue affects Sitefinity: from 4.0 through 14.4.8142, from 15.0.8200 through 15.0.8229, from 15.1.8300 through 15.1.8327, from 15.2.8400 through 15.2.8421...

CVE-2024-11627

: Insufficient Session Expiration vulnerability in Progress Sitefinity allows : Session Fixation.This issue affects Sitefinity: from 4.0 through 14.4.8142, from 15.0.8200 through 15.0.8229, from 15.1.8300 through 15.1.8327, from 15.2.8400 through 15.2.8421...

CVE-2024-11627

Summary: CVE-2024-11627 is an insufficient session expiration vulnerability in Progress Sitefinity that enables session fixation. Affected software: Progress Sitefinity across multiple versions (4.0–14.4.8142; 15.0.8200–15.0.8229; 15.1.8300–15.1.8327; 15.2.8400–15.2.8421). Vulnerability type: ses...

CVE-2024-11627

: Insufficient Session Expiration vulnerability in Progress Sitefinity allows : Session Fixation.This issue affects Sitefinity: from 4.0 through 14.4.8142, from 15.0.8200 through 15.0.8229, from 15.1.8300 through 15.1.8327, from 15.2.8400 through 15.2.8421...

CVE-2024-11626

Progress Sitefinity CVE-2024-11626 is an XSS-type vulnerability due to improper input neutralization in the CMS backend page generation. It affects Sitefinity releases 4.0–14.4.8142, 15.0.8200–15.0.8229, 15.1.8300–15.1.8327, and 15.2.8400–15.2.8421. The CVE details are corroborated by NVD, Red Ha...