CVE-2025-62032

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Cloud Library td-cloud-library allows DOM-Based XSS.This issue affects tagDiv Cloud Library: from n/a through 3.9.2...

EUVD-2025-38089

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Cloud Library td-cloud-library allows DOM-Based XSS.This issue affects tagDiv Cloud Library: from n/a through 3.9.2...

CVE-2025-62032

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Cloud Library td-cloud-library allows DOM-Based XSS.This issue affects tagDiv Cloud Library: from n/a through 3.9.2...

CVE-2025-62032 WordPress tagDiv Cloud Library plugin < 3.9.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Cloud Library td-cloud-library allows DOM-Based XSS.This issue affects tagDiv Cloud Library: from n/a through 3.9.2...

CVE-2025-62032 WordPress tagDiv Cloud Library plugin < 3.9.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Cloud Library td-cloud-library allows DOM-Based XSS.This issue affects tagDiv Cloud Library: from n/a through 3.9.2...

CVE-2025-62032

CVE-2025-62032 describes a DOM-based XSS in the WordPress plugin tagDiv Cloud Library (td-cloud-library) for versions earlier than 3.9.2, caused by improper input neutralization during web page generation. The issue affects the plugin prior to 3.9.2 and could allow injected scripts through DOM ma...

PT-2025-45299

Name of the Vulnerable Software and Affected Versions tagDiv Cloud Library versions prior to 3.9.2 Description The tagDiv Cloud Library contains a flaw related to improper input handling during web page generation, leading to a DOM-Based Cross-site Scripting XSS condition. This allows for the...

WordPress plugin tagDiv Cloud Library 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

WordPress tagDiv Cloud Library plugin < 3.9.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin tagDiv Cloud Library versions 3.9.2...

CVE-2023-1597

The tagDiv Cloud Library WordPress plugin before 2.7 does not have authorisation and CSRF in an AJAX action accessible to both unauthenticated and authenticated users, allowing unauthenticated users to change arbitrary user metadata, which could lead to privilege escalation by setting themselves ...

CVE-2023-1597

The CVE-2023-1597 entry corresponds to the tagDiv Cloud Library WordPress plugin and is supported by multiple connected documents. Affected software: tagDiv Cloud Library WordPress plugin prior to version 2.7. Root cause: lack of authorization and CSRF protection in an AJAX action that is accessi...

CVE-2023-1597 tagDiv Cloud Library < 2.7 - Unauthenticated Arbitrary User Metadata Update to Privilege Escalation

The tagDiv Cloud Library WordPress plugin before 2.7 does not have authorisation and CSRF in an AJAX action accessible to both unauthenticated and authenticated users, allowing unauthenticated users to change arbitrary user metadata, which could lead to privilege escalation by setting themselves ...

PT-2023-17106 · Tagdiv · Tagdiv Cloud Library

Name of the Vulnerable Software and Affected Versions: tagDiv Cloud Library WordPress plugin versions prior to 2.7 Description: The issue concerns a lack of authorisation and CSRF protection in an AJAX action, which can be accessed by both unauthenticated and authenticated users. This allows...

WordPress plugin tagDiv Cloud Library 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers running PHP and MySQL.WordPress plugin i...

WordPress tagDiv Cloud Library Plugin < 2.7 is vulnerable to Privilege Escalation

Software tagDiv Cloud Library Type Plugin Vulnerable versions 2.7 Fixed in 2.7 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-1597 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID d62f2f7e76e8 Credits Truoc Pha...

tagDiv Cloud Library < 2.7 - Unauthenticated Arbitrary User Metadata Update to Privilege Escalation

The plugin does not have authorisation and CSRF in an AJAX action accessible to both unauthenticated and authenticated users, allowing unauthenticated users to change arbitrary user metadata, which could lead to privilege escalation by setting themselves as an admin of the blog. PoC To set the us...

tagDiv Cloud Library < 2.7 - Unauthenticated Arbitrary User Metadata Update to Privilege Escalation

The plugin does not have authorisation and CSRF in an AJAX action accessible to both unauthenticated and authenticated users, allowing unauthenticated users to change arbitrary user metadata, which could lead to privilege escalation by setting themselves as an admin of the blog. To set the user...