10 matches found
EUVD-2025-7878
Malicious code in bioql PyPI...
CVE-2025-28929
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Vivek Marakana Tabbed Login Widget tabbed-login allows Stored XSS.This issue affects Tabbed Login Widget: from n/a through = 1.1.2...
WordPress Tabbed Login Widget plugin <= 1.1.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by theviper17 in WordPress Plugin Tabbed Login Widget versions = 1.1.2...
CVE-2025-28929
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Vivek Marakana Tabbed Login Widget tabbed-login allows Stored XSS.This issue affects Tabbed Login Widget: from n/a through = 1.1.2...
CVE-2025-28929
CVE-2025-28929 relates to the WordPress Tabbed Login Widget (versions
CVE-2025-28929 WordPress Tabbed Login Widget plugin <= 1.1.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Vivek Marakana Tabbed Login Widget tabbed-login allows Stored XSS.This issue affects Tabbed Login Widget: from n/a through = 1.1.2...
CVE-2025-28929 WordPress Tabbed Login Widget plugin <= 1.1.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Vivek Marakana Tabbed Login Widget tabbed-login allows Stored XSS.This issue affects Tabbed Login Widget: from n/a through = 1.1.2...
WordPress plugin Tabbed Login Widget 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A cross-site scripting...
CVE-2021-24522
The User Registration, User Profile, Login & Membership – ProfilePress Formerly WP User Avatar WordPress plugin before 3.1.11's widget for tabbed login/register was not properly escaped and could be used in an XSS attack which could lead to wp-admin access. Further, the plugin in several places...
ProfilePress < 3.1.11 - Unauthenticated Cross-Site Scripting (XSS) in tabbed login/register widget
The plugin's widget for tabbed login/register was not properly escaped and could be used in an XSS attack which could lead to wp-admin access. Further, the plugin in several places assigned $POST as $GET which meant that in some cases this could be replicated with just $GET parameters and no need...