85 matches found
CVE-2025-49046
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup xPromoter topbarpromoter allows Reflected XSS.This issue affects xPromoter: from n/a through = 1.3.4...
CVE-2025-49046
CVE-2025-49046 (LambertGroup xPromoter top_bar_promoter) : The Red Hat/NVD/Patchstack data describe a reflected Cross‑Site Scripting (XSS) vulnerability in LambertGroup xPromoter’s top_bar_promoter for versions up to and including 1.3.4. The issue arises from improper neutralization of input duri...
CVE-2025-49046
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup xPromoter topbarpromoter allows Reflected XSS.This issue affects xPromoter: from n/a through = 1.3.4...
PT-2026-3969
Name of the Vulnerable Software and Affected Versions LambertGroup xPromoter versions through 1.3.4 Description A Reflected Cross-site Scripting XSS issue exists in the top bar promoter component of LambertGroup xPromoter. This allows for improper neutralization of input during web page generatio...
CVE-2025-68053
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup xPromoter topbarpromoter allows Blind SQL Injection.This issue affects xPromoter: from n/a through = 1.3.4...
EUVD-2025-203554
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup xPromoter topbarpromoter allows Blind SQL Injection.This issue affects xPromoter: from n/a through = 1.3.4...
CVE-2025-68053
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup xPromoter topbarpromoter allows Blind SQL Injection.This issue affects xPromoter: from n/a through = 1.3.4...
CVE-2025-68053 WordPress xPromoter plugin <= 1.3.4 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup xPromoter topbarpromoter allows Blind SQL Injection.This issue affects xPromoter: from n/a through = 1.3.4...
PT-2025-51444
Name of the Vulnerable Software and Affected Versions LambertGroup xPromoter versions through 1.3.4 Description A flaw exists in LambertGroup xPromoter that allows for Blind SQL Injection due to improper neutralization of special elements used in an SQL command. This issue could potentially allow...
CVE-2025-12412
The Top Bar Notification plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.12. This is due to missing or incorrect nonce validation on th tbnajaxadd function. This makes it possible for unauthenticated attackers to update the plugin's setting...
WordPress Top Bar Notification plugin <= 1.12 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability
Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by dayea song - Ahnlab in WordPress Plugin Top Bar Notification versions = 1.12...
CVE-2025-12412
The CVE-2025-12412 entry concerns the WordPress Top Bar Notification plugin (versions
CVE-2025-12412 Top Bar Notification <= 1.12 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The Top Bar Notification plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.12. This is due to missing or incorrect nonce validation on th tbnajaxadd function. This makes it possible for unauthenticated attackers to update the plugin's setting...
PT-2025-44957
The Top Bar Notification plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.12. This is due to missing or incorrect nonce validation on th tbn ajax add function. This makes it possible for unauthenticated attackers to update the plugin's...
WordPress plugin Top Bar Notification 跨站请求伪造漏洞
WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in...
WordPress plugin TopBar 跨站请求伪造漏洞
WordPress TopBar plugin is a plugin for adding a notification bar at the top of your website, mainly used to display messages, links or promotional content to help users attract attention and increase conversions. The WordPress TopBar plugin suffers from a cross-site request forgery vulnerability...
EUVD-2024-29786
Malicious code in bioql PyPI...
EUVD-2025-7854
Malicious code in bioql PyPI...
EUVD-2024-42570
Malicious code in bioql PyPI...
EUVD-2024-49793
Malicious code in bioql PyPI...