34 matches found
CVE-2026-1845
creationtimestamp| type| source ---|---|--- 2026-04-24 10:33:06+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mkad76ljud2a...
CVE-2026-33548 MantisBT has Stored HTML Injection / XSS when displaying Tags in Timeline
Mantis Bug Tracker MantisBT is an open source issue tracker. In version 2.28.0, improper escaping of tag names retrieved from History in Timeline myviewpage.php allows an attacker to inject HTML and, if CSP settings permit, achieve execution of arbitrary JavaScript, when displaying a tag that has...
CVE-2025-14675
creationtimestamp| type| source ---|---|--- 2026-03-07 09:27:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mghj627mz72u...
CVE-2025-69384
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpdiscover Timeline Event History timeline-event-history allows Reflected XSS.This issue affects Timeline Event History: from n/a through = 3.2...
CVE-2025-69384
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpdiscover Timeline Event History timeline-event-history allows Reflected XSS.This issue affects Timeline Event History: from n/a through = 3.2...
CVE-2025-69384
CVE-2025-69384 affects the WordPress Timeline Event History plugin (timeline-event-history) up to version 3.2. The issue is a Reflected XSS caused by improper input neutralization during web page generation, with CVSS v3.1 base score 7.1 (HIGH). The affected component is the timeline-event-histor...
CVE-2025-69384 WordPress Timeline Event History plugin <= 3.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpdiscover Timeline Event History timeline-event-history allows Reflected XSS.This issue affects Timeline Event History: from n/a through = 3.2...
CVE-2025-69384 WordPress Timeline Event History plugin <= 3.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpdiscover Timeline Event History timeline-event-history allows Reflected XSS.This issue affects Timeline Event History: from n/a through = 3.2...
WordPress plugin Timeline Event History 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...
PT-2026-21165
Name of the Vulnerable Software and Affected Versions wpdiscover Timeline Event History versions through 3.2 Description The Timeline Event History component of wpdiscover is susceptible to a Reflected Cross-site Scripting issue. This occurs due to improper neutralization of input during web page...
WordPress Timeline Event History plugin <= 3.2 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Timeline Event History versions = 3.2...
CVE-2025-70999
creationtimestamp| type| source ---|---|--- 2026-01-28 19:11:34+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mdiy34os4z2i 2026-01-29 20:03:31+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mdllgvpx4a2v...
CVE-2026-1127
The Timeline Event History plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the id parameter in all versions up to, and including, 3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...
CVE-2026-1127
The Timeline Event History plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the id parameter in all versions up to, and including, 3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...
CVE-2026-1127
The Timeline Event History plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the id parameter in all versions up to, and including, 3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...
CVE-2026-1127
CVE-2026-1127 concerns the WordPress plugin Timeline Event History. The vulnerability is a Reflected Cross-Site Scripting (XSS) via the id parameter in all versions up to and including 3.2, caused by insufficient input sanitization and output escaping. This could allow unauthenticated attackers t...
CVE-2026-1127 Timeline Event History <= 3.2 - Reflected Cross-Site Scripting
The Timeline Event History plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the id parameter in all versions up to, and including, 3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...
PT-2026-4602
The Timeline Event History plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the id parameter in all versions up to, and including, 3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...
WordPress Plugin: Timeline Event History – Cross-Site Script Vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...
CVE-2025-68143
creationtimestamp| type| source ---|---|--- 2025-12-18 01:19:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ma7z2vaucw2y 2026-01-21 01:53:22+00:00| seen| https://bsky.app/profile/cryptonews-poster.bsky.social/post/3mcvks7wnai24 2026-01-21 01:54:01+00:00| seen|...