10 matches found
EUVD-2025-15353
Malicious code in bioql PyPI...
WordPress Geocache Stat Bar Widget plugin <= 0.911 - Admin+ Stored XSS vulnerability
Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin Geocache Stat Bar Widget versions = 0.911...
CVE-2024-11266
The Geocache Stat Bar Widget WordPress plugin through 0.911 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-11266
The Geocache Stat Bar Widget WordPress plugin through 0.911 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-11266
The Geocache Stat Bar Widget WordPress plugin through 0.911 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-11266 Geocache Stat Bar Widget <= 0.911 - Admin+ Stored XSS
The Geocache Stat Bar Widget WordPress plugin through 0.911 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-11266 Geocache Stat Bar Widget <= 0.911 - Admin+ Stored XSS
The Geocache Stat Bar Widget WordPress plugin through 0.911 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-11266
CVE-2024-11266 concerns the Geocache Stat Bar Widget WordPress plugin, up to version 0.911, which does not sufficiently sanitize/escape certain settings. This can let high-privilege users (e.g., admins) perform Stored Cross-Site Scripting even when unfiltered_html is disallowed, particularly in m...
WordPress plugin Geocache Stat Bar Widget 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2025-21417 · WordPress · Geocache Stat Bar Widget
Name of the Vulnerable Software and Affected Versions: Geocache Stat Bar Widget WordPress plugin versions 0.911 and earlier Description: The issue concerns the Geocache Stat Bar Widget WordPress plugin, which does not properly sanitise and escape some of its settings. This could allow...