CVE-2026-9281

The Master Addons For Elementor – Widgets, Extensions, Theme Builder, Popup Builder & Template Kits plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'jtlmacustomjs' Page Setting Custom JS Extension in all versions up to, and including, 3.1.0 due to insufficient input...

WordPress plugin Responsive FlipBook Plugin Wordpress 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

HooToo Tripmate HT-TM01 2.000.022 - Cross-Site Request Forgery

Exploit Title: HooToo Tripmate HT-TM01 Cross Site Request Forgery Date: 03Sep15 Exploit Author: Ken Smith Contact: https://twitter.com/P4tchw0rk Vendor Homepage: http://www.hootoo.com Version: HT-TM01, version 2.000.022 1. Description Various functions in the device's admin web portal are...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware before 2.43 allow remote attackers to inject arbitrary web script or HTML via 1 parameters associated with saved settings, as demonstrated by the confSMTPMailServer1 parameter to ServerManager.srv...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware 2.43 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the PATHINFO to the default URI associated with a directory, as demonstrated by a the root directory and b the...