CVE-2025-23444 WordPress Scroll Top Advanced plugin <= 2.5 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in nasir179125 Scroll Top Advanced scroll-top-advanced allows Stored XSS.This issue affects Scroll Top Advanced: from n/a through = 2.5...

CVE-2025-23444 WordPress Scroll Top Advanced plugin <= 2.5 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in nasir179125 Scroll Top Advanced scroll-top-advanced allows Stored XSS.This issue affects Scroll Top Advanced: from n/a through = 2.5...

CVE-2025-23444

CVE-2025-23444 describes a Stored XSS in the WordPress plugin “Scroll Top Advanced” due to improper neutralization of input during web page generation. Affected software: Scroll Top Advanced — from n/a through 2.5. The Red Hat and ENISA/EUVD entries corroborate the Cross-site Scripting risk and t...

WordPress Scroll Top plugin <= 1.3.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin Scroll Top versions = 1.3.3...

WordPress Track Page Scroll plugin <= 1.0.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin Track Page Scroll versions = 1.0.2...

WordPress Scroll Top Advanced plugin <= 2.5 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin Scroll Top Advanced versions = 2.5...

WordPress plugin Scroll Top Advanced 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerability...

WordPress CRUDLab Scroll to Top Plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin CRUDLab Scroll to Top versions = 1.0.1...

CVE-2024-11442

The Horizontal scroll image slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'horizontal-scroll-image-slideshow' shortcode in all versions up to, and including, 10.1 due to insufficient input sanitization and output escaping on user supplied attributes...

CVE-2024-11442 Horizontal scroll image slideshow <= 10.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Horizontal scroll image slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'horizontal-scroll-image-slideshow' shortcode in all versions up to, and including, 10.1 due to insufficient input sanitization and output escaping on user supplied attributes...

WordPress Horizontal scroll image slideshow plugin <= 10.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zakaria in WordPress Plugin Horizontal scroll image slideshow versions = 10.1...

WordPress plugin Horizontal scroll image slideshow 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists i...

CVE-2024-52492

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gopiplus Image horizontal reel scroll slideshow image-horizontal-reel-scroll-slideshow allows Stored XSS.This issue affects Image horizontal reel scroll slideshow: from n/a through = 13.4...

CVE-2024-52492

CVE-2024-52492 details a Stored Cross-Site Scripting (XSS) flaw in the WordPress plugin Image horizontal reel scroll slideshow (versions

PT-2024-35785 · Unknown · Lafelabs Chaos

Name of the Vulnerable Software and Affected Versions: LafeLabs Chaos version 0.0.1 Description: A cross-site scripting XSS issue exists in the "/scroll.php" endpoint, allowing attackers to execute arbitrary web scripts or HTML via a crafted payload. This could potentially lead to unauthorized...

WordPress Image horizontal reel scroll slideshow Plugin <= 13.4 is vulnerable to Cross Site Scripting (XSS)

Software Image horizontal reel scroll slideshow Type Plugin Vulnerable versions = 13.4 Fixed in N/A OWASP Top 10 A4: Insecure Design Classification Cross Site Scripting XSS CVE CVE-2024-52492 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID f3bd39fc0f00 Credits UKO Required...

CVE-2024-51647

Cross-Site Request Forgery CSRF vulnerability in Chaser324 Featured Posts Scroll allows Stored XSS.This issue affects Featured Posts Scroll: from n/a through 1.25...

CVE-2024-51647 WordPress Featured Posts Scroll plugin <= 1.25 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Chaser324 Featured Posts Scroll allows Stored XSS.This issue affects Featured Posts Scroll: from n/a through 1.25...

CVE-2024-51647 WordPress Featured Posts Scroll plugin <= 1.25 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Chaser324 Featured Posts Scroll allows Stored XSS.This issue affects Featured Posts Scroll: from n/a through 1.25...

CVE-2024-51647

The CVE-2024-51647 entry concerns the WordPress Featured Posts Scroll plugin, versions 1.25 and earlier. The vulnerability is CSRF that enables Stored XSS within the plugin. PT-2024-34791 provides a practical note: a CSRF flaw allows stored XSS; workaround recommendations include disabling exploi...