9 matches found
EUVD-2022-48992
Malicious code in bioql PyPI...
EUVD-2024-23538
Malicious code in bioql PyPI...
PT-2025-26965 · Drupal · Drupal Simple Xml Sitemap
Name of the Vulnerable Software and Affected Versions: Drupal Simple XML sitemap versions 0.0.0 through 4.2.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows an attacker to perform Cross-Site...
PT-2025-25704 · Unknown · Rustaurius Ultimate Reviews
Name of the Vulnerable Software and Affected Versions: Rustaurius Ultimate Reviews versions n/a through 3.2.14 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. Recommendations: For version...
PT-2025-17101 · Unknown · Ione360 Configurator
Name of the Vulnerable Software and Affected Versions: iONE360 configurator versions 2.0.0 through 2.0.56 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Reflected XSS in the iONE360 configurator...
PT-2025-14420 · Mad Fish Digital · Mad Fish Digital Bulk Noindex & Nofollow Toolkit
Name of the Vulnerable Software and Affected Versions: madfishdigital Bulk NoIndex & NoFollow Toolkit versions n/a through 2.16 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. This enable...
PT-2024-35883 · Sergio Micó · Simpleschema
Name of the Vulnerable Software and Affected Versions: SimpleSchema versions through 1.7.6.9 Description: The issue is related to an Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for DOM-Based XSS. A Cross-site Scripting XSS...
CVE-2024-2280
The Better Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the widget link URL values in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
PT-2024-23052 · Dearflip · Dearflip
Name of the Vulnerable Software and Affected Versions: DearFlip versions through 2.2.26 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This enables attackers to inject malicious scripts int...