20 matches found
EUVD-2022-51957
Malicious code in bioql PyPI...
EUVD-2025-17290
Malicious code in bioql PyPI...
CVE-2025-49243
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sevenspark ShiftNav – Responsive Mobile Menu shiftnav-responsive-mobile-menu allows Stored XSS.This issue affects ShiftNav – Responsive Mobile Menu: from n/a through = 1.8...
CVE-2025-49243
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sevenspark ShiftNav – Responsive Mobile Menu shiftnav-responsive-mobile-menu allows Stored XSS.This issue affects ShiftNav – Responsive Mobile Menu: from n/a through = 1.8...
CVE-2025-49243
CVE-2025-49243 concerns ShiftNav – Responsive Mobile Menu (Sevenspark). Vulnerability: Stored Cross-Site Scripting due to improper input neutralization during web page generation. Affects ShiftNav from earlier versions up to 1.8 (no public details beyond that). Impact: could allow stored XSS payl...
CVE-2025-49243 WordPress ShiftNav – Responsive Mobile Menu plugin <= 1.8 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sevenspark ShiftNav – Responsive Mobile Menu shiftnav-responsive-mobile-menu allows Stored XSS.This issue affects ShiftNav – Responsive Mobile Menu: from n/a through = 1.8...
CVE-2025-49243 WordPress ShiftNav – Responsive Mobile Menu plugin <= 1.8 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sevenspark ShiftNav – Responsive Mobile Menu shiftnav-responsive-mobile-menu allows Stored XSS.This issue affects ShiftNav – Responsive Mobile Menu: from n/a through = 1.8...
PT-2025-24206 · Unknown · Shiftnav – Responsive Mobile Menu
Name of the Vulnerable Software and Affected Versions: ShiftNav – Responsive Mobile Menu versions 1.8 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means an attacker c...
WordPress plugin ShiftNav – Responsive Mobile Menu 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...
WordPress ShiftNav – Responsive Mobile Menu plugin <= 1.8 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin ShiftNav – Responsive Mobile Menu versions = 1.8...
CVE-2022-4627
The ShiftNav WordPress plugin before 1.7.2 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege use...
CVE-2022-4627
The ShiftNav WordPress plugin before 1.7.2 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege use...
CVE-2022-4627
The ShiftNav WordPress plugin before 1.7.2 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege use...
Cross site scripting
The ShiftNav WordPress plugin before 1.7.2 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege use...
CVE-2022-4627
CVE-2022-4627 details (Mode C) : The ShiftNav WordPress plugin before 1.7.2 is vulnerable to Stored XSS via certain shortcode attributes that are not properly validated/escaped before output. This could allow users with a low privilege level (as low as Contributor) to execute scripts that may aff...
CVE-2022-4627 ShiftNav – Responsive Mobile Menu < 1.7.2 - Contributor+ Stored XSS in Shortcode
The ShiftNav WordPress plugin before 1.7.2 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege use...
CVE-2022-4627 ShiftNav – Responsive Mobile Menu < 1.7.2 - Contributor+ Stored XSS in Shortcode
The ShiftNav WordPress plugin before 1.7.2 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege use...
PT-2023-14890 · WordPress · Shiftnav
Name of the Vulnerable Software and Affected Versions: ShiftNav WordPress plugin versions prior to 1.7.2 Description: The issue allows users with a role as low as contributor to perform Stored Cross-Site Scripting attacks, which could be used against high privilege users such as admins, due to th...
WordPress plugin ShiftNav 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
ShiftNav – Responsive Mobile Menu < 1.7.2 - Contributor+ Stored XSS in Shortcode
The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit...