
9 matches found

Patchstack
added 2025/12/08 6:58 a.m. · 7 views

WordPress Application Passwords plugin <= 0.1.3 - Reflected Cross-Site Scripting via reject_url vulnerability

Reflected Cross-Site Scripting via reject_url vulnerability discovered by Rafshanzani Suhada in WordPress Plugin Application Passwords versions <= 0.1.3...

CVSS 5.4 · AI score 6.1 · EPSS 0.00136
Exploits: 0 · References: 1 · Affected Software: 1

Vulnrichment
added 2025/12/06 5:49 a.m. · 2 views

CVE-2025-13308 Application Passwords <= 0.1.3 - Reflected Cross-Site Scripting via reject_url

The Application Passwords plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'reject_url' parameter in all versions up to, and including, 0.1.3. This is due to insufficient input sanitization and output escaping on user supplied URLs, which allows javascript: URI schemes ...

CVSS 5.4 · AI score 5.3 · EPSS 0.00136
Exploits: 0 · References: 4

CVE
added 2025/12/06 5:49 a.m. · 16 views

CVE-2025-13308

CVE-2025-13308 affects the WordPress Application Passwords plugin. It is a Reflected Cross-Site Scripting vulnerability via the reject_url parameter present in versions up to 0.1.3. The issue arises from insufficient input sanitization and output escaping of user-supplied URLs, enabling javascrip...

CVSS 5.4 · AI score 5.3 · EPSS 0.00136
Exploits: 0 · References: 4

Positive Technologies
added 2025/12/06 12:0 a.m. · 4 views

PT-2025-49339

The Application Passwords plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'reject_url' parameter in all versions up to, and including, 0.1.3. This is due to insufficient input sanitization and output escaping on user supplied URLs, which allows javascript: URI schemes...

CVSS 5.4 · AI score 5.7 · EPSS 0.00136
Exploits: 0 · References: 5

Snyk
added 2023/10/12 12:0 a.m. · 1 views

Cross-site Scripting (XSS)

Overview johnpbloch/wordpress-core is a web software you can use to create a website or blog. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the successurl and rejecturl parameters when requesting application passwords. An attacker can inject arbitrary web script...

CVSS 6.1 · AI score 5.3
Exploits: 0 · References: 2

CNVD
added 2023/01/04 12:0 a.m. · 19 views

TRENDnet TEW-755AP stack overflow vulnerability (CNVD-2023-18953)

The TRENDnet TEW-755AP is a router from TRENDnet. The TRENDnet TEW-755AP suffers from a stack overflow vulnerability that stems from the lack of size checking of input data in the rejecturl parameter of the reject sub41BD60 function, which can be exploited by an attacker to execute arbitrary code...

CVSS 9.8 · AI score 9.8 · EPSS 0.00436
Exploits: 1 · References: 1

OSV
added 2022/12/30 9:15 p.m. · 2 views

CVE-2022-46591

TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the rejecturl parameter in the reject sub41BD60 function...

CVSS 9.8 · AI score 5.8 · EPSS 0.00436
Exploits: 1 · References: 1

Positive Technologies
added 2022/12/30 12:0 a.m. · 2 views

PT-2022-27919 · Trendnet · Trendnet Tew755Ap

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW755AP version 1.13B01 Description: A stack overflow issue was discovered via the reject url parameter in the reject sub 41BD60 function. This issue affects the specified version of the TRENDnet TEW755AP. Recommendations: For...

CVSS 9.8 · AI score 9.5 · EPSS 0.00436
Exploits: 1 · References: 3

CNNVD
added 2022/12/30 12:0 a.m. · 2 views

TRENDnet TEW-755AP buffer error vulnerability

The TRENDnet TEW-755AP is a router from TRENDnet. The TRENDnet TEW-755AP suffers from a stack overflow vulnerability that stems from the lack of size checking of input data in the rejecturl parameter of the reject sub41BD60 function, which can be exploited by an attacker to execute arbitrary code...

CVSS 9.8 · AI score 7.9 · EPSS 0.00436
Exploits: 1 · References: 2