16 matches found
CVE-2026-3878 WP Docs <= 2.2.9 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'wpdocs_options[icon_size]'
The WP Docs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpdocsoptionsiconsize' parameter in all versions up to, and including, 2.2.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level...
CVE-2024-2145
A vulnerability was found in SourceCodester Online Mobile Management Store 1.0. It has been classified as problematic. Affected is an unknown function of the file /endpoint/update-tracker.php. The manipulation of the argument firstname leads to cross site scripting. It is possible to launch the...
CVE-2024-2998
A vulnerability was found in Bdtask Multi-Store Inventory Management System up to 20240320. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Store Update Page. The manipulation of the argument Store Name/Store Address leads to cross site...
EUVD-2025-17290
Malicious code in bioql PyPI...
EUVD-2024-25498
Malicious code in bioql PyPI...
EUVD-2023-44613
Malicious code in bioql PyPI...
CVE-2024-51188
TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store Cross-site scripting XSS vulnerability via the vsRuleVirtualServerName1.1.10.0.0 parameter on the /virtualserver.htm page...
CVE-2024-51189
TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store Cross-site scripting XSS vulnerability via the macListName1.1.1.0.0 parameter on the /filters.htm page...
CVE-2024-53782 WordPress Photo Video Store plugin <= 21.07 - CSRF to Cross Site Scripting (XSS) vulnerability
Cross-Site Request Forgery CSRF vulnerability in cmsaccount Photo Video Store photo-video-store allows Cross-Site Scripting XSS.This issue affects Photo Video Store: from n/a through = 21.07...
PT-2024-34558 · Trendnet · Trendnet Tew-652Brp +1
Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-651BR version 2.04B1 TRENDnet TEW-652BRP version 3.04b01 TRENDnet TEW-652BRU version 1.00b12 Description: The issue is related to a Store Cross-site scripting XSS vulnerability. This vulnerability can be exploited via the ptRule...
PT-2024-34555 · Trendnet · Trendnet Tew-652Brp +1
Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-651BR version 2.04B1 TRENDnet TEW-652BRP version 3.04b01 TRENDnet TEW-652BRU version 1.00b12 Description: The issue concerns a Store Cross-site scripting XSS vulnerability. This vulnerability can be exploited via the vsRule...
CVE-2024-51188
TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store Cross-site scripting XSS vulnerability via the vsRuleVirtualServerName1.1.10.0.0 parameter on the /virtualserver.htm page...
CVE-2024-32333
TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting XSS vulnerability in MAC Filtering under the Firewall Page...
CVE-2024-32332
TOTOLINK N300RT with firmware V2.1.8-B20201030.1539 contains a store XSS vulnerability in WDS Settings on the Wireless page (CVE-2024-32332). Public descriptions across NVD/Red Hat/CNNVD/CVE listings confirm the vulnerable component and location. No inline exploit details or patch/version fixes a...
CVE-2023-44484
CVE-2023-44484 affects Online Blood Donation Management System v1.0. The vulnerability is a Stored Cross-Site Scripting (XSS) issue where the input from the firstName parameter in users/register.php is echoed unmodified into the response generated by users/member.php, resulting in plain text betw...
CVE-2023-3830 Bug Finder SASS BILLER store cross site scripting
A vulnerability was found in Bug Finder SASS BILLER 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /company/store. The manipulation of the argument name leads to cross site scripting. The attack may be initiated remotely. The associated identifier of...