CVE-2025-62745 WordPress Team Showcase plugin <= 1.22.28 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins Team Showcase allows Stored XSS. This issue affects Team Showcase: from n/a through 1.22.28...

CVE-2022-50947

The CVE-2022-50947 entry concerns WordPress Plugin Testimonial Slider and Showcase version 2.2.6. A stored XSS vulnerability exists in the post_title field due to insufficient sanitization, exploitable by authenticated editors with low privileges. Attackers with editor rights can inject JavaScrip...

CVE-2022-50947 WordPress Plugin Testimonial Slider and Showcase 2.2.6 Stored XSS

WordPress Plugin Testimonial Slider and Showcase 2.2.6 contains a stored cross-site scripting vulnerability that allows authenticated editors to inject malicious scripts by failing to sanitize the posttitle parameter. Attackers with editor privileges can inject JavaScript payloads through the...

CVE-2022-50947 WordPress Plugin Testimonial Slider and Showcase 2.2.6 Stored XSS

WordPress Plugin Testimonial Slider and Showcase 2.2.6 contains a stored cross-site scripting vulnerability that allows authenticated editors to inject malicious scripts by failing to sanitize the posttitle parameter. Attackers with editor privileges can inject JavaScript payloads through the...

WordPress plugin Testimonial Slider and Showcase 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress Plugin YouTube Showcase Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress plugin YouTube Showcase, which ste...

CVE-2025-15636 WordPress YouTube Showcase plugin <= 3.5.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in emarket-design YouTube Showcase youtube-showcase allows Stored XSS.This issue affects YouTube Showcase: from n/a through = 3.5.1...

PT-2026-4142

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in highwarden Super Logos Showcase superlogoshowcase-wp allows Reflected XSS.This issue affects Super Logos Showcase: from n/a through = 2.8...

CVE-2023-40558

Cross-Site Request Forgery CSRF vulnerability in eMarket Design YouTube Video Gallery by YouTube Showcase plugin = 3.3.5 versions...

WordPress Team Showcase plugin <= 2.9 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Team Showcase versions = 2.9...

com.amazonaws.serverless:aws-serverless-java-container-struts (>=1.9 <=1.9.4), com.jgeppert.struts2.bootstrap:struts2-bootstrap-plugin (>=4.0.2 <=5.0.6) +77 more potentially affected by CVE-2025-64775 via org.apache.struts:struts2-core (>=6.0.0 <=6.7.4)

org.apache.struts:struts2-core MAVEN version =6.0.0, =1.9, =4.0.2, =4.0.2, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =1.4.0, =1.4.1, =1.4.0, =1.4.3 and more Source cves: CVE-2025-64775 Source advisory: SNYK:JAVA-ORG...

EUVD-2020-23522

Malware in sbrugna...

EUVD-2025-11774

Malicious code in bioql PyPI...

EUVD-2023-45129

Malicious code in bioql PyPI...

CVE-2025-58684

CVE-2025-58684 : Stored XSS in WordPress plugin Logo Showcase (Logo Showcase – Responsive Logo Carousel, Grid, List & Ticker). Affected component/issue: improper neutralization of input during web page generation. Impact: stored XSS vulnerability in logos/grid rendering. Affected versions: up to ...

CVE-2025-58684 WordPress Logo Showcase plugin <= 4.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themepoints Logo Showcase logo-showcase allows Stored XSS.This issue affects Logo Showcase: from n/a through = 4.0.1...

WordPress plugin Team Showcase 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A code injection vulnerability exists in WordPress...

CVE-2023-5639

The Team Showcase plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tmfshortcode' shortcode in all versions up to, and including, 2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2025-39431

Cross-Site Request Forgery CSRF vulnerability in Aaron Forgue Amazon Showcase WordPress Plugin amazon-showcase-wordpress-widget allows Stored XSS.This issue affects Amazon Showcase WordPress Plugin: from n/a through = 2.2...

CVE-2025-39431

CVE-2025-39431 : Cross-Site Request Forgery (CSRF) leading to Stored XSS in the Amazon Showcase WordPress Plugin. Affected: Amazon Showcase WordPress Plugin versions n/a through 2.2. Root cause/impact are described in multiple sources (NVD, CVE records, Red Hat) as CSRF enabling XSS; exploitation...