WordPress Plugin AccessPress Social Icons 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVE-2021-47769

Isshue Shopping Cart 3.5 contains a persistent cross-site scripting vulnerability in title input fields across stock, customer, and invoice modules. Attackers with privileged user accounts can inject malicious scripts that execute on preview, potentially enabling session hijacking and persistent...

CVE-2021-47769

Isshue Shopping Cart 3.5 contains a persistent cross-site scripting vulnerability in title input fields across stock, customer, and invoice modules. Attackers with privileged user accounts can inject malicious scripts that execute on preview, potentially enabling session hijacking and persistent...

EUVD-2026-2767

Isshue Shopping Cart 3.5 contains a persistent cross-site scripting vulnerability in title input fields across stock, customer, and invoice modules. Attackers with privileged user accounts can inject malicious scripts that execute on preview, potentially enabling session hijacking and persistent...

CVE-2021-47769 Isshue Shopping Cart 3.5 - 'Title' Cross Site Scripting (XSS)

Isshue Shopping Cart 3.5 contains a persistent cross-site scripting vulnerability in title input fields across stock, customer, and invoice modules. Attackers with privileged user accounts can inject malicious scripts that execute on preview, potentially enabling session hijacking and persistent...

CVE-2021-47769

CVE-2021-47769 affects Isshue Shopping Cart 3.5. The vulnerability is a persistent cross-site scripting (XSS) in the title input fields across stock, customer, and invoice modules. An attacker with elevated privileges can inject scripts that execute on preview, potentially enabling session hijack...

CVE-2021-47769 Isshue Shopping Cart 3.5 - 'Title' Cross Site Scripting (XSS)

Isshue Shopping Cart 3.5 contains a persistent cross-site scripting vulnerability in title input fields across stock, customer, and invoice modules. Attackers with privileged user accounts can inject malicious scripts that execute on preview, potentially enabling session hijacking and persistent...

CVE-2026-0813

The Short Link plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'shortlinkposttitle' and 'shortlinkpagetitle' parameters in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attacker...

Bdtask Isshue Shopping Cart security vulnerability

Bdtask Isshue Shopping Cart is an e-commerce shopping cart software system developed by the Bangladeshi company Bdtask. Version 3.5 of Bdtask Isshue Shopping Cart contains a security vulnerability. This vulnerability stems from persistent cross-site scripting in the title input fields of the...

EUVD-2022-2913

Malicious code in bioql PyPI...

CVE-2024-45406

Craft is a content management system CMS. Craft CMS 5 stored XSS can be triggered by the breadcrumb list and title fields with user input...

GHSA-28H4-788G-RH42 Craft CMS vulnerable to stored XSS in breadcrumb list and title fields

Summary Multiple Stored XSS can be triggered by the breadcrumb list and title fields with user input. Details 1. In the /admin/categories page, category title isn't sanitized and triggered xss. 2. In the category edit page under the /admin/categories/, category title in breadcrumb list isn't...

CVE-2024-45406 Craft CMS stored XSS in breadcrumb list and title fields

Craft is a content management system CMS. Craft CMS 5 stored XSS can be triggered by the breadcrumb list and title fields with user input...

CVE-2024-45406

Summary: CVE-2024-45406 affects Craft CMS (5.x). The vulnerability is a stored XSS in breadcrumb list and title fields that can be triggered by user input. This is documented across multiple sources (CVE entries, GHSA advisory, and OSV/NVD mirrors) and is described as a stored XSS impacting Craft...

CVE-2022-48013

Opencats v0.9.7 was discovered to contain a stored cross-site scripting XSS vulnerability in the component /opencats/index.php?m=calendar. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description or Title text fields...

MojoPortal Cross-Site Scripting Vulnerability (CNVD-2018-05173)

mojoPortal is an American programmer Joe Audette developed a set of open source , object-oriented Web site architecture WSF and content management system CMS, it provides event calendar , photo albums , file manager and so on. A cross-site scripting vulnerability exists in the Title and Subtitle...

Multiple Cross-Site Scripting Vulnerabilities in MetalGenix GeniXCMS

MetalGenix GeniXCMS is a PHP-based content management system and framework CMSF from MetalGenix Indonesia, which provides modules for user management, content management and menu management. A cross-site scripting vulnerability exists in MetalGenix GeniXCMS version 0.0.3. The vulnerability exists...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the "Contact Us" functionality in MTCMS 2.2 allow remote attackers to inject arbitrary web script or HTML via the 1 message and 2 title fields...

CVE-2006-6400

Buffer overflow in JustSystems Hanako 2004 through 2006, Hanako viewer 1.x, Ichitaro 2004, Ichitaro 2005, Ichitaro Lite2, Ichitaro viewer 4.x, and Sanshiro 2005 allows remote attackers to execute arbitrary code via the 1 Keyword and 2 Title fields, related to string length fields...