1162 matches found
CVE-2025-30558 WordPress ANAC XML Render plugin <= 1.5.7 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in EnzoCostantini55 ANAC XML Render (anac-xml-render) allows Stored XSS. This issue affects ANAC XML Render: from n/a through <= 1.5.7...
CVE-2025-30558 WordPress ANAC XML Render plugin <= 1.5.7 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in EnzoCostantini55 ANAC XML Render allows Stored XSS. This issue affects ANAC XML Render: from n/a through 1.5.7...
CVE-2025-30558
CVE-2025-30558 : A CSRF flaw in the WordPress plugin ANAC XML Render (vendor: EnzoCostantini55) could enable a stored XSS. Affected versions are listed as
WordPress ANAC XML Render plugin <= 1.5.7 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by Abdi Pranata in WordPress Plugin ANAC XML Render versions <= 1.5.7...
WordPress plugin ANAC XML Render cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request...
Malicious code in byted-midas-render-plugin (npm)
Source: ghsa-malware b801b5ca095df1e96b38bfc8f414ed583b82378f669eea2e6028157e2dbecc94 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-2563 Malicious code in byted-midas-render-plugin (npm)
Source: ghsa-malware b801b5ca095df1e96b38bfc8f414ed583b82378f669eea2e6028157e2dbecc94 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-1772 Malicious code in com.unity.render-pipelines.high-definition (npm)
Malicious code in com.unity.render-pipelines.high-definition (npm)
Cross-site Scripting (XSS)
Overview: org.apache.felix:org.apache.felix.webconsole is a web-based management console for OSGi frameworks. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the renderContent function in ServicesServlet.java, which allows attackers to inject scripts into services...
Malicious code in model-viewer-render-fidelity-tools (npm)
Source: ghsa-malware 1109626e5ba207b2f14c0b5c9081c8b4dd49932d296464a13921731b5749a51c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
PT-2025-2071 · WordPress · Ht Event – Wordpress Event Manager Plugin For Elementor
Name of the Vulnerable Software and Affected Versions: The HT Event – WordPress Event Manager Plugin for Elementor plugin for WordPress versions up to, and including, 1.4.7 Description: The issue allows authenticated attackers with Contributor-level access and above to extract sensitive private,...
DEBIAN-CVE-2025-23207
KaTeX is a fast, easy-to-use JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions with renderToString could encounter malicious input using \htmlData that runs arbitrary JavaScript, or generate invalid HTML. Users are advised to upgrade t...
UBUNTU-CVE-2025-23207
KaTeX is a fast, easy-to-use JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions with renderToString could encounter malicious input using \htmlData that runs arbitrary JavaScript, or generate invalid HTML. Users are advised to upgrade t...
CVE-2024-13215
The Elementor Addon Elements plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.13.10 via the 'render' function in modules/modal-popup/widgets/modal-popup.php. This makes it possible for authenticated attackers, with Contributor-level acce...
WordPress plugin WP Header Notification cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plug-in. A cross-site scripting...
PT-2025-1762 · WordPress · Elementor Addons Ai Addons
Name of the Vulnerable Software and Affected Versions: Elementor Addons AI Addons – 70 Widgets, Premium Templates, Ultimate Elements plugin for WordPress versions up to, and including, 2.2.1 Description: The issue concerns insufficient restrictions on which templates can be included through the...
PT-2025-1899 · Microsoft · Dynamics 365 Integration Plugin For Wordpress
Name of the Vulnerable Software and Affected Versions: Dynamics 365 Integration plugin for WordPress version 1.3.23 and earlier Description: The issue is related to Remote Code Execution and Arbitrary File Read due to missing input validation and sanitization on the render function, allowing...
A vulnerability in the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to pointer assignment errors, allows an attacker to trigger a service failure.
A vulnerability in the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment for simulation modeling of systems and processes is linked to errors in the assignment of pointers during the processing of WRL files. Exploiting...
SUSE CVE-2024-55657
SiYuan is a personal knowledge management system. Prior to version 3.1.16, an arbitrary file read vulnerability exists in Siyuan's /api/template/render endpoint. The absence of proper validation on the path parameter allows attackers to access sensitive files on the host system. Version 3.1.16...