PT-2025-44713

Name of the Vulnerable Software and Affected Versions Qi Blocks plugin for WordPress versions up to and including 1.4.3 Description The Qi Blocks plugin for WordPress is susceptible to a missing authorization issue. The plugin stores arbitrary CSS styles submitted through the...

Mapbox: Stored XSS | api.mapbox.com | IE 11 | Styles name

On December 24, 2019, user @renekroka reported a stored XSS injection vulnerability on api.mapbox.com that affected users in Internet Explorer 11. An attacker could store XSS injections on Mapbox servers, and then exploit them in IE11 due to JSON responses not including the X-Content-Type-Options...