CVE-2026-1806 Tour & Activity Operator Plugin for TourCMS <= 1.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

The Tour & Activity Operator Plugin for TourCMS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'target' parameter of the tourcmsdoclink shortcode in all versions up to, and including, 1.7.0 due to insufficient input sanitization and output escaping. This makes it possib...

CVE-2025-11810 Print Button Shortcode <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The Print Button Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'print-button' shortcode in all versions up to, and including, 1.0.1. This is due to insufficient input sanitization and output escaping on the 'target' attribute. This makes it possible for...

HackerOne: Possible XSS

Hi, I opened this report as soon as I have read https://mathiasbynens.github.io/rel-noopener/ It doesn't necessarly affect HackerOne, nor have i given it enough time to get a working dom manipulation. But since Markdown allows creating target attributes to anchor tags, it may be possible to get...

CVE-2009-1598

Google Chrome executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file, which might allow remote attackers to bypass intended Adobe Acrobat JavaScript restrictions on accessing the document object, as demonstrate...