CVE-2025-11876

The Mailgun Subscriptions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mailgunsubscriptionform' shortcode in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possib...

CVE-2025-11876 Mailgun Subscriptions <= 1.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Mailgun Subscriptions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mailgunsubscriptionform' shortcode in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possib...

CVE-2025-11876

CVE-2025-11876 concerns the WordPress plugin Mailgun Subscriptions (up to version 1.3.1). The issue is a Stored Cross-Site Scripting (XSS) vulnerability in the plugin’s shortcodes, specifically the mailgun_subscription_form attribute handling, caused by insufficient input sanitization and output ...

PT-2025-50898

The Mailgun Subscriptions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mailgun subscription form' shortcode in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

EUVD-2018-20876

Malware in sbrugna...

EUVD-2025-9268

Malicious code in bioql PyPI...

EUVD-2024-45715

Malicious code in bioql PyPI...

CVE-2024-51923

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Websand Websand Subscription Form websand-subscription-form allows Stored XSS.This issue affects Websand Subscription Form: from n/a through = 1.0.3...

CVE-2019-14364

An XSS vulnerability in the "Email Subscribers & Newsletters" plugin 4.1.6 for WordPress allows an attacker to inject malicious JavaScript code through a publicly available subscription form using the esfpxname wp-admin/admin-ajax.php POST parameter...

CVE-2025-31745

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Arni Cinco Subscription Form for Feedblitz feedblitz-email-subscription allows Stored XSS.This issue affects Subscription Form for Feedblitz: from n/a through = 1.0.9...

CVE-2025-31745

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Arni Cinco Subscription Form for Feedblitz feedblitz-email-subscription allows Stored XSS.This issue affects Subscription Form for Feedblitz: from n/a through = 1.0.9...

CVE-2025-31745 WordPress Subscription Form for Feedblitz Plugin <= 1.0.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Arni Cinco Subscription Form for Feedblitz feedblitz-email-subscription allows Stored XSS.This issue affects Subscription Form for Feedblitz: from n/a through = 1.0.9...

WordPress plugin Subscription Form for Feedblitz 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...

CVE-2024-51923

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Websand Websand Subscription Form websand-subscription-form allows Stored XSS.This issue affects Websand Subscription Form: from n/a through = 1.0.3...

CVE-2024-51923 WordPress Websand Subscription Form plugin <= 1.0.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Websand Websand Subscription Form websand-subscription-form allows Stored XSS.This issue affects Websand Subscription Form: from n/a through = 1.0.3...

CVE-2024-51923 WordPress Websand Subscription Form plugin <= 1.0.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Websand Websand Subscription Form allows Stored XSS.This issue affects Websand Subscription Form: from n/a through 1.0.3...

CVE-2024-51923

CVE-2024-51923 describes a stored XSS in the WordPress plugin Websand Subscription Form . The vulnerability arises from improper input neutralization during page generation, affecting plugin versions up to and including 1.0.3 (and earlier). Multiple sources (NVD/Red Hat/CNNVD/CVE lists) confirm t...

WordPress plugin Websand Subscription Form 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2024-35055 · Unknown · Websand Subscription Form

Name of the Vulnerable Software and Affected Versions: Websand Subscription Form versions 1.0.3 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for stored cross-site scripting XSS. This means that an attacker can inject...

WordPress Websand Subscription Form plugin <= 1.0.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Websand Subscription Form versions = 1.0.3...