54 matches found
EUVD-2021-34840
MyBB Timeline Plugin 1.0 contains cross-site scripting vulnerabilities that allow attackers to inject malicious scripts through thread titles, post content, and user profile fields like Location and Bio. Attackers can also exploit a cross-site request forgery vulnerability in the timeline.php...
CVE-2021-47934 MyBB Timeline Plugin 1.0 Cross-Site Scripting and CSRF
MyBB Timeline Plugin 1.0 contains cross-site scripting vulnerabilities that allow attackers to inject malicious scripts through thread titles, post content, and user profile fields like Location and Bio. Attackers can also exploit a cross-site request forgery vulnerability in the timeline.php...
CVE-2021-47934 MyBB Timeline Plugin 1.0 Cross-Site Scripting and CSRF
MyBB Timeline Plugin 1.0 contains cross-site scripting vulnerabilities that allow attackers to inject malicious scripts through thread titles, post content, and user profile fields like Location and Bio. Attackers can also exploit a cross-site request forgery vulnerability in the timeline.php...
CVE-2021-47934
MyBB Timeline Plugin 1.0 contains cross-site scripting vulnerabilities that allow attackers to inject malicious scripts through thread titles, post content, and user profile fields like Location and Bio. Attackers can also exploit a cross-site request forgery vulnerability in the timeline.php...
MyBB Timeline Plugin 跨站脚本漏洞
The MyBB Timeline Plugin is a plugin provided by MyBB Corporation that offers dynamic timeline displays and social activity stream functions for MyBB forums. Version 1.0 of the MyBB Timeline Plugin contained a cross-site scripting vulnerability. This vulnerability stemmed from cross-site scriptin...
CVE-2026-32421
The CVE concerns WordPress Post Timeline plugin (Post Timeline) versions up to 2.4.1 with a Missing Authorization vulnerability that enables bypass of access control. The issue is described as Broken Access Control affecting Post Timeline from unspecified versions up to and including 2.4.1, cause...
CVE-2025-62150
Technical details for CVE-2025-62150 are not provided in the supplied documents. Public information about affected plugin/version, exploitation, impact, or fixes is not present here; monitor for updates.
CVE-2025-62150 WordPress History Timeline plugin <= 1.0.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in Themesawesome History Timeline allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects History Timeline: from n/a through 1.0.6...
WordPress plugin History Timeline 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
EUVD-2013-4743
Malware in sbrugna...
EUVD-2024-42360
Malicious code in bioql PyPI...
EUVD-2024-42358
Malicious code in bioql PyPI...
EUVD-2024-42359
Malicious code in bioql PyPI...
EUVD-2025-5309
Malicious code in bioql PyPI...
CVE-2024-0977
The Timeline Widget For Elementor Elementor Timeline, Vertical & Horizontal Timeline plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image URLs in the plugin's timeline widget in all versions up to, and including, 1.5.3 due to insufficient input sanitization and output...
WordPress plugin Unlimited Timeline 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on servers running PHP and MySQL. A security vulnerability exists in the...
CVE-2024-13571
The Post Timeline WordPress plugin before 2.3.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-13571
The Post Timeline WordPress plugin before 2.3.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-13571 Post Timeline < 2.3.10 - Reflected XSS
The Post Timeline WordPress plugin before 2.3.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-13571
CVE-2024-13571 affects the Post Timeline WordPress plugin prior to version 2.3.10. The issue is a Reflected Cross-Site Scripting (XSS) caused by insufficient sanitization/escaping of a parameter before it is output on the page, which could be exploited against high-privilege users (e.g., admins)....