EUVD-2025-34502

The XStore theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 9.5.4 via theetajaxrequiredpluginspopup function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrary .php files on t...

Nagios XI 5.5.10 XSS / Remote Code Execution Vulnerability

Various vulnerabilities have been found in Nagios XI version 5.5.10, which allow a remote attacker able to trick an authenticated victim with "autodiscovery job" creation privileges to visit a malicious URL to obtain a remote root shell via a reflected cross site scripting, an authenticated remot...

bowlingonline.se XSS vulnerability

Open Bug Bounty ID: OBB-654602 Description| Value ---|--- Affected Website:| bowlingonline.se Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

neuvoo.qa XSS vulnerability

Vulnerable URL: https://neuvoo.qa/jobs/?k='"==1===== Details: Description| Value ---|--- Patched:| No Latest check for patch:| 10.11.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 463347 VIP website status:| No Coordinated Disclosure Timeline: Description| Val...