558 matches found
EUVD-2025-205880
Cross-Site Request Forgery CSRF vulnerability in Mindstien Technologies Recent Posts From Each Category allows Stored XSS.This issue affects Recent Posts From Each Category: from n/a through 1.4...
CVE-2025-49354 WordPress Recent Posts From Each Category plugin <= 1.4 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Mindstien Technologies Recent Posts From Each Category recent-posts-from-each-category allows Stored XSS.This issue affects Recent Posts From Each Category: from n/a through = 1.4...
WordPress plugin Recent Posts From Each Category 跨站请求伪造漏洞
...
PT-2025-54280
Name of the Vulnerable Software and Affected Versions Mindstien Technologies Recent Posts From Each Category versions 1.4 and earlier Description The Recent Posts From Each Category plugin contains a Cross-Site Request Forgery CSRF issue and a Stored Cross-Site Scripting XSS issue. The CSRF flaw...
EUVD-2025-102700
Malicious code in recentleopardz3n npm...
EUVD-2025-102701
Malicious code in recentfelidaez3n npm...
EUVD-2025-75851
Malicious code in recentdinosaur-smiletea npm...
EUVD-2025-71387
Malicious code in recentplanarianz3n npm...
EUVD-2025-62330
Malicious code in recentgoosez3n npm...
EUVD-2025-67350
Malicious code in recentstarfishz3n npm...
EUVD-2025-52414
Malicious code in recent-scarlet-sawfish npm...
Malicious code in recent_panda_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb1928a830c3850dfc5863e0c10ad82c4d2b251542ebe5f3a67b4d3a649075ce This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-45619
Malicious code in recentpandaz3n npm...
MGASA-2025-0260 Updated mediawiki packages fix security vulnerabilities
i18n XSS vulnerability in HTMLMultiSelectField when sections are used. CVE-2025-3469 "reupload-own" restriction can be bypassed by reverting file. CVE-2025-32696 Cascading protection is not preventing file reversions. CVE-2025-32697 LogPager.php: Restriction enforcer functions do not correctly...
WordPress Plugin ACF Recent Posts Widget Cross-Site Scripting Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress plugin ACF Recent Posts Widget, no...
CVE-2025-62894
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in magicoders ACF Recent Posts Widget acf-recent-posts-widget allows Stored XSS.This issue affects ACF Recent Posts Widget: from n/a through = 5.9.3...
EUVD-2025-36044
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in magicoders ACF Recent Posts Widget acf-recent-posts-widget allows Stored XSS.This issue affects ACF Recent Posts Widget: from n/a through = 5.9.3...
CVE-2025-62894
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in magicoders ACF Recent Posts Widget acf-recent-posts-widget allows Stored XSS.This issue affects ACF Recent Posts Widget: from n/a through = 5.9.3...
CVE-2025-62894 WordPress ACF Recent Posts Widget plugin <= 5.9.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in magicoders ACF Recent Posts Widget acf-recent-posts-widget allows Stored XSS.This issue affects ACF Recent Posts Widget: from n/a through = 5.9.3...
CVE-2025-62894 WordPress ACF Recent Posts Widget plugin <= 5.9.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in magicoders ACF Recent Posts Widget acf-recent-posts-widget allows Stored XSS.This issue affects ACF Recent Posts Widget: from n/a through = 5.9.3...