EUVD-2025-3020

Malicious code in bioql PyPI...

CVE-2025-22817

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Venutius BP Profile Shortcodes Extra bp-profile-shortcodes-extra allows Stored XSS.This issue affects BP Profile Shortcodes Extra: from n/a through = 2.6.0...

CVE-2025-22817 WordPress BP Profile Shortcodes Extra plugin <= 2.6.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Venutius BP Profile Shortcodes Extra bp-profile-shortcodes-extra allows Stored XSS.This issue affects BP Profile Shortcodes Extra: from n/a through = 2.6.0...

CVE-2025-22817

CVE-2025-22817 is an authenticated Stored Cross-Site Scripting (XSS) vulnerability in the WordPress plugin BP Profile Shortcodes Extra. Affected versions are reported as from n/a through 2.6.0. The issue stems from improper neutralization of input during web page generation, enabling stored XSS. ...

PT-2024-17220 · WordPress · Bp Profile Shortcodes Extra

Name of the Vulnerable Software and Affected Versions: BP Profile Shortcodes Extra plugin for WordPress versions up to, and including, 2.6.0 Description: The issue is related to time-based SQL Injection via the tab parameter due to insufficient escaping on the user-supplied parameter and lack of...

WordPress plugin BP Profile Shortcodes Extra SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability exists in...

WordPress BP Profile Shortcodes Extra plugin <= 2.6.0 - Authenticated (Contributor+) SQL Injection via tab Parameter vulnerability

Authenticated Contributor+ SQL Injection via tab Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin BP Profile Shortcodes Extra versions = 2.6.0...

WordPress plugin Shortcodes and extra features for Phlox theme 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

CVE-2023-47815

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Venutius BP Profile Shortcodes Extra plugin = 2.5.2 versions...

CVE-2023-47815

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Venutius BP Profile Shortcodes Extra plugin = 2.5.2 versions...

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Venutius BP Profile Shortcodes Extra plugin = 2.5.2 versions...

CVE-2023-47815

CVE-2023-47815 affects the WordPress plugin BP Profile Shortcodes Extra (Venutius) up to version 2.5.2. The vulnerability is Cross-Site Scripting due to improper neutralization of input during web page generation. Patchstack and related sources indicate the fix is to upgrade to 2.5.3 or newer. Th...

WordPress BP Profile Shortcodes Extra Plugin <= 2.5.2 is vulnerable to Cross Site Scripting (XSS)

Software BP Profile Shortcodes Extra Type Plugin Vulnerable versions = 2.5.2 Fixed in 2.5.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-47815 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 426f08e56edb Credits Ngô Thiên An ancorn from...