17 matches found
CVE-2025-8413
The Listeo theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's soundcloud shortcode in version less than, or equal to, 2.0.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, wi...
CVE-2025-8413
The Listeo theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's soundcloud shortcode in version less than, or equal to, 2.0.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, wi...
CVE-2025-8413 Listeo <= 2.0.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via soundcloud Shortcode
The Listeo theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's soundcloud shortcode in version less than, or equal to, 2.0.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, wi...
EUVD-2025-35908
The Listeo theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's soundcloud shortcode in version less than, or equal to, 2.0.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, wi...
CVE-2025-8413
Summary (CVE-2025-8413): Listeo (WordPress theme)
CVE-2025-8413 Listeo <= 2.0.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via soundcloud Shortcode
The Listeo theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's soundcloud shortcode in version less than, or equal to, 2.0.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, wi...
WordPress Listeo plugin <= 2.0.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via soundcloud Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via soundcloud Shortcode vulnerability discovered by Craig Webb in WordPress Theme Listeo versions = 2.0.8...
PT-2025-43713
Name of the Vulnerable Software and Affected Versions Listeo versions prior to 2.0.9 Description The Listeo theme for WordPress is susceptible to Stored Cross-Site Scripting through the soundcloud shortcode. Insufficient input sanitization and output escaping on user-supplied attributes allows...
EUVD-2023-38142
Malicious code in bioql PyPI...
EUVD-2024-23238
Malicious code in bioql PyPI...
CVE-2023-34018
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SoundCloud Inc. SoundCloud Shortcode allows Stored XSS.This issue affects SoundCloud Shortcode: from n/a through 3.1.0...
CVE-2024-25936 WordPress SoundCloud Shortcode plugin <= 4.0.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SoundCloud Inc., Lawrie Malen SoundCloud Shortcode allows Stored XSS.This issue affects SoundCloud Shortcode: from n/a through 4.0.1...
WordPress plugin SoundCloud Shortcode cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress SoundCloud Shortcode Plugin <= 4.0.1 is vulnerable to Cross Site Scripting (XSS)
Software SoundCloud Shortcode Type Plugin Vulnerable versions = 4.0.1 Fixed in 4.0.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-25936 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 2b1a2e695d03 Credits LVT-tholv2k Requir...
CVE-2023-34018
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SoundCloud Inc. SoundCloud Shortcode allows Stored XSS.This issue affects SoundCloud Shortcode: from n/a through 3.1.0...
WordPress Plugin SoundCloud Shortcode Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...
WordPress SoundCloud Shortcode Plugin <= 3.1.0 is vulnerable to Cross Site Scripting (XSS)
Software SoundCloud Shortcode Type Plugin Vulnerable versions = 3.1.0 Fixed in 4.0.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-34018 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID bb0d82ac536c Credits yuyudhn Required...