55 matches found
EUVD-2025-5902
Malicious code in bioql PyPI...
EUVD-2023-12394
Malicious code in bioql PyPI...
EUVD-2025-2710
Malicious code in bioql PyPI...
EUVD-2023-26841
Malicious code in bioql PyPI...
EUVD-2024-35511
Malicious code in bioql PyPI...
CVE-2025-22310
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in marsian TemplatesNext ToolKit templatesnext-toolkit allows Stored XSS.This issue affects TemplatesNext ToolKit: from n/a through = 3.2.9...
CVE-2023-22712
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in TemplatesNext TemplatesNext ToolKit plugin = 3.2.7 versions...
CVE-2024-13559 TemplatesNext ToolKit <= 3.2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The TemplatesNext ToolKit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'txwoowishlisttable' shortcode in all versions up to, and including, 3.2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible fo...
CVE-2024-13559 TemplatesNext ToolKit <= 3.2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The TemplatesNext ToolKit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'txwoowishlisttable' shortcode in all versions up to, and including, 3.2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible fo...
CVE-2024-13559
CVE-2024-13559 concerns the TemplatesNext ToolKit WordPress plugin. The vulnerability is a Stored Cross-Site Scripting (Stored XSS) in the plugin’s shortcodes, specifically tx_woo_wishlist_table, and affects all versions up to and including 3.2.9. The root cause is insufficient input sanitization...
WordPress plugin TemplatesNext ToolKit 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A cross-site scripting...
CVE-2025-22310
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in marsian TemplatesNext ToolKit templatesnext-toolkit allows Stored XSS.This issue affects TemplatesNext ToolKit: from n/a through = 3.2.9...
CVE-2025-22310
CVE-2025-22310 : Stored XSS in TemplatesNext ToolKit (TemplatesNext ToolKit
CVE-2025-22310 WordPress TemplatesNext ToolKit plugin <= 3.2.9 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in marsian TemplatesNext ToolKit templatesnext-toolkit allows Stored XSS.This issue affects TemplatesNext ToolKit: from n/a through = 3.2.9...
CVE-2025-22310 WordPress TemplatesNext ToolKit plugin <= 3.2.9 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in marsian TemplatesNext ToolKit templatesnext-toolkit allows Stored XSS.This issue affects TemplatesNext ToolKit: from n/a through = 3.2.9...
WordPress plugin TemplatesNext ToolKit 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A cross-site scripting...
PT-2025-4425 · Unknown · Templatesnext Toolkit
Name of the Vulnerable Software and Affected Versions: TemplatesNext ToolKit versions 3.2.9 and earlier Description: The issue affects TemplatesNext ToolKit, allowing Stored XSS due to improper neutralization of input during web page generation. This enables an attacker to inject malicious script...
WordPress TemplatesNext ToolKit plugin <= 3.2.9 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin TemplatesNext ToolKit versions = 3.2.9...
TemplatesNext OnePager <= 1.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The TemplatesNext OnePager plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.3.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with...
CVE-2024-35753
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in TemplatesNext TemplatesNext OnePager allows Stored XSS.This issue affects TemplatesNext OnePager: from n/a through 1.3.3...