MAL-2025-3367 Malicious code in @sporta-technology/d11-web-components.toggle-button (npm)

--- -= Per source details. Do not edit below this line.=-...

CVE-2025-32561

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in plugins.club WPDEBUG Toggle enable-wp-debug-toggle allows Reflected XSS.This issue affects WPDEBUG Toggle: from n/a through = 1.1...

WordPress plugin WP_DEBUG Toggle 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-17116 · WordPress · Wp Debug Toggle

Name of the Vulnerable Software and Affected Versions: WP DEBUG Toggle versions n/a through 1.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Reflected XSS in the WP DEBUG Toggle plugin...

SUSE-SU-2025:20259-1 Security update for docker

This update for docker fixes the following issues: - This update includes fixes for: CVE-2024-41110: Fixed Authz zero length regression bsc1228324 CVE-2023-47108: Fixed otelgrpc: DoS vulnerability in otelgrpc uncontrolled resource consumption due to unbound cardinality bsc1217070 bsc1229806...

Security update for docker

This update for docker fixes the following issues: This update includes fixes for: CVE-2024-41110: Fixed Authz zero length regression bsc1228324 CVE-2023-47108: Fixed otelgrpc: DoS vulnerability in otelgrpc uncontrolled resource consumption due to unbound cardinality bsc1217070 bsc1229806...

CVE-2025-31450

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in phantom.omaga Toggle Box toggle-box allows Stored XSS.This issue affects Toggle Box: from n/a through = 1.6...

WordPress Toggle Box plugin <= 1.6 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Toggle Box versions = 1.6...

CVE-2025-31450

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in phantom.omaga Toggle Box toggle-box allows Stored XSS.This issue affects Toggle Box: from n/a through = 1.6...

CVE-2025-31450 WordPress Toggle Box plugin <= 1.6 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in phantom.omaga Toggle Box toggle-box allows Stored XSS.This issue affects Toggle Box: from n/a through = 1.6...

CVE-2025-31450

CVE-2025-31450 affects Toggle Box (WordPress plugin) and is an authenticated (Contributor+) Stored XSS in the Toggle Box code path. Primary details from the CVE entry indicate Improper Neutralization of Input During Web Page Generation leading to Stored XSS in Toggle Box versions up to 1.6. The W...

CVE-2025-31450 WordPress Toggle Box <= 1.6 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in phantom.omaga Toggle Box allows Stored XSS. This issue affects Toggle Box: from n/a through 1.6...

WordPress plugin Toggle Box 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabili...

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: CVE-2025-24201: Fixed out-of-bounds write vulnerability due to that WebGL context primitive restart can be toggled from WebContent process bsc1239547. Patch Instructions: To install this SUSE update use the SUSE recommended installation...

CVE-2024-13703

The CRM and Lead Management by vcita plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vcitaajaxtoggleae function in all versions up to, and including, 2.7.1. This makes it possible for authenticated attackers, with Subscriber-level...

CVE-2024-13703 CRM and Lead Management by vcita <= 2.7.5 - Missing Authorization to Authenticated (Susbcriber+) Widget Toggle

The CRM and Lead Management by vcita plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vcitaajaxtoggleae function in all versions up to, and including, 2.7.5. This makes it possible for authenticated attackers, with Subscriber-level...

WordPress plugin CRM and Lead Management by vcita 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPre...

WordPress CRM and Lead Management by vcita plugin <= 2.7.1 - Missing Authorization to Authenticated (Susbcriber+) Widget Toggle vulnerability

Missing Authorization to Authenticated Susbcriber+ Widget Toggle vulnerability discovered by yudha in WordPress Plugin CRM and Lead Management by vcita versions = 2.7.5...

Security update for docker

This update for docker fixes the following issues: Update docker-buildx to v0.19.2. See upstream changelog online at . Some notable changelogs from the last update: Add a new toggle file /etc/docker/suse-secrets-enable which allows users to disable the SUSEConnect integration with Docker which...

SUSE-SU-2025:20110-1 Security update for docker

This update for docker fixes the following issues: - Update docker-buildx to v0.19.2. See upstream changelog online at . Some notable changelogs from the last update: - Add a new toggle file /etc/docker/suse-secrets-enable which allows users to disable the SUSEConnect integration with Docker whic...