41 matches found

CVE
added 2026/04/10 6:00 a.m. · 10 views

CVE-2026-4432

CVE-2026-4432 concerns the YITH WooCommerce Wishlist WordPress plugin prior to 4.13.0. Publicly exposed nonce in the /wishlist page allows unauthenticated attackers to rename any wishlist, due to insufficient ownership validation in the save_title() AJAX handler. Technical details across connecte...

CVSS 6.5 · AI score 5.9 · EPSS 0.00068
Exploits: 0 · References: 1
Positive Technologies
added 2026/04/10 12:00 a.m. · 3 views

PT-2026-31882

The YITH WooCommerce Wishlist WordPress plugin before 4.13.0 does not properly validate wishlist ownership in the save title AJAX handler before allowing wishlist renaming operations. The function only checks for a valid nonce, which is publicly exposed in the page source of the /wishlist/ page,...

AI score 5.8 · EPSS 0.00068
Exploits: 0 · References: 2
EUVD
added 2026/03/24 3:31 a.m. · 2 views

EUVD-2026-14672

A security flaw has been discovered in bolo-blog up to 2.6.4. The affected element is an unknown function of the file /console/article/ of the component Article Title Handler. Performing a manipulation of the argument articleTitle results in cross site scripting. It is possible to initiate the attac...

CVSS 4.8 · AI score 4.2 · EPSS 0.00013
Exploits: 0 · References: 6
Vulnrichment
added 2026/03/24 12:16 a.m. · 2 views

CVE-2026-4616 bolo-blog Article Title article cross site scripting

A security flaw has been discovered in bolo-blog up to 2.6.4. The affected element is an unknown function of the file /console/article/ of the component Article Title Handler. Performing a manipulation of the argument articleTitle results in cross site scripting. It is possible to initiate the...

CVSS 4.8 · AI score 4.3 · EPSS 0.00013
Exploits: 0 · References: 5
CVE
added 2026/03/24 12:16 a.m. · 2 views

CVE-2026-4616

CVE-2026-4616 affects bolo-blog 2.6.4, specifically the Article Title Handler component in /console/article/. The vulnerability arises from manipulating the articleTitle argument, enabling cross-site scripting. Exploitation is remote and an exploit has been publicly released; the project was info...

CVSS 4.8 · AI score 4.3 · EPSS 0.00013
Exploits: 0 · References: 5
ATTACKERKB
added 2026/03/24 12:16 a.m. · 2 views

CVE-2026-4616

A security flaw has been discovered in bolo-blog up to 2.6.4. The affected element is an unknown function of the file /console/article/ of the component Article Title Handler. Performing a manipulation of the argument articleTitle results in cross site scripting. It is possible to initiate the...

CVSS 4.8 · AI score 4.3 · EPSS 0.00013
Exploits: 0 · References: 5
Positive Technologies
added 2026/03/24 12:00 a.m. · 4 views

PT-2026-27273

A security flaw has been discovered in bolo-blog up to 2.6.4. The affected element is an unknown function of the file /console/article/ of the component Article Title Handler. Performing a manipulation of the argument articleTitle results in cross site scripting. It is possible to initiate the attac...

CVSS 4.8 · AI score 4.2 · EPSS 0.00013
Exploits: 0 · References: 6
RedhatCVE
added 2026/02/19 1:28 a.m. · 4 views

CVE-2026-2622

A vulnerability was detected in Blossom up to 1.17.1. This vulnerability affects the function content of the file blossom-backend/backend/src/main/java/com/blossom/backend/server/article/draft/ArticleController.java of the component Article Title Handler. The manipulation results in cross site...

CVSS 5.4 · AI score 3.9 · EPSS 0.00013
Exploits: 1 · References: 1
OSV
added 2026/02/17 9:22 p.m. · 1 view

CVE-2026-2622

A vulnerability was detected in Blossom up to 1.17.1. This vulnerability affects the function content of the file blossom-backend/backend/src/main/java/com/blossom/backend/server/article/draft/ArticleController.java of the component Article Title Handler. The manipulation results in cross site...

CVSS 5.4 · AI score 4.1 · EPSS 0.00013
Exploits: 1 · References: 4
NVD
added 2026/02/17 9:22 p.m. · 5 views

CVE-2026-2622

A vulnerability was detected in Blossom up to 1.17.1. This vulnerability affects the function content of the file blossom-backend/backend/src/main/java/com/blossom/backend/server/article/draft/ArticleController.java of the component Article Title Handler. The manipulation results in cross site...

CVSS 5.4 · EPSS 0.00013
Exploits: 1 · References: 4
Vulnrichment
added 2026/02/17 8:32 p.m. · 3 views

CVE-2026-2622 Blossom Article Title ArticleController.java content cross site scripting

A vulnerability was detected in Blossom up to 1.17.1. This vulnerability affects the function content of the file blossom-backend/backend/src/main/java/com/blossom/backend/server/article/draft/ArticleController.java of the component Article Title Handler. The manipulation results in cross site...

CVSS 5.1 · AI score 3.9 · EPSS 0.00013
Exploits: 1 · References: 4
Positive Technologies
added 2026/02/17 12:00 a.m. · 3 views

PT-2026-20340

Name of the Vulnerable Software and Affected Versions: Blossom versions up to 1.17.1 Description: A flaw exists in Blossom that allows for cross site scripting. The issue is located within the Article Title Handler component, specifically in the ArticleController.java file and its content function...

CVSS 5.1 · AI score 3.9 · EPSS 0.00013
Exploits: 1 · References: 7
RedhatCVE
added 2026/01/07 9:19 a.m. · 5 views

CVE-2024-2996

A vulnerability was found in Bdtask Multi-Store Inventory Management System up to 20240320. It has been classified as problematic. Affected is an unknown function of the component Page Title Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The...

CVSS 4.8 · AI score 6.1 · EPSS 0.0011
Exploits: 1 · References: 1
EUVD
added 2025/10/03 8:07 p.m. · 1 view

EUVD-2022-51748

Malicious code in bioql PyPI...

CVSS 6.1 · AI score 6.4 · EPSS 0.00187
Exploits: 0 · References: 2
EUVD
added 2025/10/03 8:07 p.m. · 2 views

EUVD-2022-5980

Malicious code in bioql PyPI...

CVSS 5.4 · AI score 5.7 · EPSS 0.00206
Exploits: 0 · References: 4
EUVD
added 2025/10/03 8:07 p.m. · 2 views

EUVD-2023-23848

Malicious code in bioql PyPI...

CVSS 5.4 · AI score 4.8 · EPSS 0.0025
Exploits: 1 · References: 3
RedhatCVE
added 2025/05/23 12:13 a.m. · 5 views

CVE-2022-4400

A vulnerability was found in zbl1996 FS-Blog and classified as problematic. This issue affects some unknown processing of the component Title Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-21526...

CVSS 6.1 · AI score 6.3 · EPSS 0.00187
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/22 10:47 a.m. · 3 views

CVE-2017-20059

A vulnerability, which was classified as problematic, has been found in Elefant CMS 1.3.12-RC. Affected by this issue is some unknown functionality of the component Title Handler. The manipulation with the input leads to basic cross site scripting Persistent. The attack may be launched remotely...

CVSS 5.4 · AI score 6.1 · EPSS 0.00206
Exploits: 0 · References: 1
OSV
added 2024/03/27 8:15 p.m. · 1 view

CVE-2024-2996

A vulnerability was found in Bdtask Multi-Store Inventory Management System up to 20240320. It has been classified as problematic. Affected is an unknown function of the component Page Title Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The...

CVSS 4.8 · AI score 3.7 · EPSS 0.0011
Exploits: 1 · References: 4
Positive Technologies
added 2024/03/27 12:00 a.m. · 2 views

PT-2024-23169 · Unknown · Bdtask Multi-Store Inventory Management System

Name of the Vulnerable Software and Affected Versions: Bdtask Multi-Store Inventory Management System versions up to 20240320 Description: A vulnerability was found in the Page Title Handler component of the system, which can lead to cross-site scripting. The manipulation can be launched remotely...

CVSS 4.8 · AI score 3.3 · EPSS 0.0011
Exploits: 1 · References: 8