138 matches found
EUVD-2023-56373
Malicious code in bioql PyPI...
EUVD-2024-45731
Malicious code in bioql PyPI...
CVE-2024-51939
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Santhosh veer Stylish Internal Links stylish-internal-links allows DOM-Based XSS.This issue affects Stylish Internal Links: from n/a through = 1.9...
CVE-2023-51673
Cross-Site Request Forgery CSRF vulnerability in Designful Stylish Price List – Price Table Builder & QR Code Restaurant Menu.This issue affects Stylish Price List – Price Table Builder & QR Code Restaurant Menu: from n/a through 7.0.17...
CVE-2008-3754
SQL injection vulnerability in trl.php in YourFreeWorld Stylish Text Ads Script allows remote attackers to execute arbitrary SQL commands via the id parameter...
WordPress Stylish Price List plugin < 7.1.8 - Contributor+ Stored XSS vulnerability
Contributor+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin Stylish Price List versions 7.1.8...
CVE-2024-7758
The Stylish Price List WordPress plugin before 7.1.8 does not sanitise and escape some of its settings, which could allow high privilege users of contributor and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite set...
CVE-2024-7758
The Stylish Price List WordPress plugin before 7.1.8 does not sanitise and escape some of its settings, which could allow high privilege users of contributor and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite set...
CVE-2024-7758
The Stylish Price List WordPress plugin before 7.1.8 does not sanitise and escape some of its settings, which could allow high privilege users of contributor and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite set...
CVE-2024-7758 Stylish Price List < 7.1.8 - Contributor+ Stored XSS
The Stylish Price List WordPress plugin before 7.1.8 does not sanitise and escape some of its settings, which could allow high privilege users of contributor and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite set...
CVE-2024-7758
CVE-2024-7758 — WordPress Stylish Price List plugin : The plugin before version 7.1.8 does not adequately sanitize and escape certain settings, enabling potential stored XSS for high-privilege users (contributors and above) even when the unfiltered_html capability is disallowed (e.g., in multisit...
PT-2025-21500 · WordPress · Stylish Price List
Name of the Vulnerable Software and Affected Versions: The Stylish Price List WordPress plugin versions prior to 7.1.8 Description: The issue allows high privilege users of contributor and above to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed...
CVE-2025-22651
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wppluginboxdev Stylish Google Sheet Reader stylish-google-sheet-reader allows Reflected XSS.This issue affects Stylish Google Sheet Reader: from n/a through = 4.0...
CVE-2025-22651
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wppluginboxdev Stylish Google Sheet Reader stylish-google-sheet-reader allows Reflected XSS.This issue affects Stylish Google Sheet Reader: from n/a through = 4.0...
CVE-2025-22651 WordPress Stylish Google Sheet Reader plugin <= 4.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wppluginboxdev Stylish Google Sheet Reader stylish-google-sheet-reader allows Reflected XSS.This issue affects Stylish Google Sheet Reader: from n/a through = 4.0...
CVE-2025-22651
CVE-2025-22651 is a Reflected XSS vulnerability in the WordPress plugin Stylish Google Sheet Reader (versions ≤ 4.0). The issue arises from improper input neutralization during web page generation, allowing attacker-supplied input to be reflected and executed in a victim’s browser. Public sources...
PT-2025-16969 · Unknown · Stylish Google Sheet Reader
Name of the Vulnerable Software and Affected Versions: Stylish Google Sheet Reader versions n/a through 4.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. This enables potential attacker...
WordPress plugin Stylish Google Sheet Reader 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
CVE-2024-10472
The Stylish Price List WordPress plugin before 7.1.12 does not sanitise and escape some of its settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
WordPress Stylish Google Sheet Reader plugin < 4.1 - Reflected XSS vulnerability
Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin Stylish Google Sheet Reader versions 4.1...