2406 matches found
CVE-2026-4847 dameng100 muucmf list.html cross site scripting
A vulnerability was found in dameng100 muucmf 1.9.5.20260309. The impacted element is an unknown function of the file /admin/config/list.html. Performing a manipulation of the argument Name results in cross site scripting. The attack can be initiated remotely. The exploit has been made public and...
CVE-2025-15488 Responsive Plus < 3.4.3 - Unauthenticated Arbitrary Shortcode Execution
The Responsive Plus WordPress plugin before 3.4.3 is vulnerable to arbitrary shortcode execution due to the software allowing unauthenticated users to execute the updateresponsivewoofreeshippingleftshortcode AJAX action that does not properly validate the contentrechdata parameter before processi...
CVE-2025-15488
The Responsive Plus WordPress plugin before 3.4.3 is vulnerable to arbitrary shortcode execution due to the software allowing unauthenticated users to execute the updateresponsivewoofreeshippingleftshortcode AJAX action that does not properly validate the contentrechdata parameter before processi...
CVE-2025-15488 Responsive Plus < 3.4.3 - Unauthenticated Arbitrary Shortcode Execution
The Responsive Plus WordPress plugin before 3.4.3 is vulnerable to arbitrary shortcode execution due to the software allowing unauthenticated users to execute the updateresponsivewoofreeshippingleftshortcode AJAX action that does not properly validate the contentrechdata parameter before processi...
CVE-2025-15488
The CVE covers the Responsive Plus WordPress plugin (vulnerable: before 3.4.3). An unauthenticated attacker can trigger arbitrary shortcode execution by abusing the update_responsive_woo_free_shipping_left_shortcode AJAX action, which fails to validate the content_rech_data parameter before proce...
WordPress plugin Responsive Plus 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-28213
The Responsive Plus WordPress plugin before 3.4.3 is vulnerable to arbitrary shortcode execution due to the software allowing unauthenticated users to execute the update responsive woo free shipping left shortcode AJAX action that does not properly validate the content rech data parameter before...
EUVD-2026-15479
Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Responsive Favicons allows Cross-Site Scripting XSS.This issue affects Responsive Favicons: from 0.0.0 before 2.0.2...
CVE-2026-3218
Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Responsive Favicons allows Cross-Site Scripting XSS.This issue affects Responsive Favicons: from 0.0.0 before 2.0.2...
CVE-2026-3218
CVE-2026-3218: Drupal Responsive Favicons contains an XSS due to improper filtering of administrator-entered text. Affects versions prior to 2.0.2. Exploitation requires the attacker to have the permission administering responsive favicons. Remediation: update to 2.0.2 or later (as noted in the l...
CVE-2026-3218 Responsive Favicons - Moderately critical - Cross-site scripting - SA-CONTRIB-2026-019
Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Responsive Favicons allows Cross-Site Scripting XSS.This issue affects Responsive Favicons: from 0.0.0 before 2.0.2...
CVE-2026-3218 Responsive Favicons - Moderately critical - Cross-site scripting - SA-CONTRIB-2026-019
Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Responsive Favicons allows Cross-Site Scripting XSS.This issue affects Responsive Favicons: from 0.0.0 before 2.0.2...
CVE-2026-4692
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape in the Responsive Design Mode component...
SUSE CVE-2026-4692
Sandbox escape in the Responsive Design Mode component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
Malicious code in svg-sizer-responsive (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a60820b0fbec756691b147e45ad8157501c307c7864249a6a7b112b5293846e The package svg-sizer-responsive was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2162 Malicious code in svg-sizer-responsive (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a60820b0fbec756691b147e45ad8157501c307c7864249a6a7b112b5293846e The package svg-sizer-responsive was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview svg-sizer-responsive is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Drupal Responsive Favicons 安全漏洞
Drupal Responsive Favicons is an extension for the Drupal content management system that is designed to generate and adapt favicon icons for multiple devices and browsers. Versions of Drupal Responsive Favicons prior to 2.0.2 contained a security vulnerability caused by improper input handling,...
Linux Distros Unpatched Vulnerability : CVE-2026-4692
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sandbox escape in the Responsive Design Mode component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and...
EUVD-2026-14807
Sandbox escape in the Responsive Design Mode component. This vulnerability affects Firefox 149, Firefox ESR 115.34, and Firefox ESR 140.9...