16 matches found
EUVD-2025-13728
Malicious code in bioql PyPI...
CVE-2025-47676
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Faiyaz Alam User Login History user-login-history allows Stored XSS.This issue affects User Login History: from n/a through = 2.1.6...
WordPress User Login History plugin <= 2.1.6 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin User Login History versions = 2.1.6...
CVE-2025-47676
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Faiyaz Alam User Login History user-login-history allows Stored XSS.This issue affects User Login History: from n/a through = 2.1.6...
CVE-2025-47676 WordPress User Login History plugin <= 2.1.6 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Faiyaz Alam User Login History user-login-history allows Stored XSS.This issue affects User Login History: from n/a through = 2.1.6...
CVE-2025-47676 WordPress User Login History plugin <= 2.1.6 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Faiyaz Alam User Login History user-login-history allows Stored XSS.This issue affects User Login History: from n/a through = 2.1.6...
CVE-2025-47676
CVE-2025-47676 affects WordPress plugin User Login History (versions up to 2.1.6). Description: Stored XSS due to improper input neutralization during web page generation. Exploitation status in provided docs: exploitation not indicated; CVSS 3.1 base score 6.5 (Media) with network attack vector,...
PT-2025-20221 · Unknown · Faiyaz Alam User Login History
Name of the Vulnerable Software and Affected Versions: Faiyaz Alam User Login History versions through 2.1.6 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker c...
WordPress user-login-history plugin cross-site scripting vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers. user-login-history plugin is one of the user login tracking plugin. A cross-site scripting vulnerability exists in...
WordPress User Login History 1.5.2 Cross Site Scripting Vulnerability
WordPress User Login History plugin version 1.5.2 suffers from a cross site scripting vulnerability. Product: User Login History Wordpress Plugin - https://wordpress.org/plugins/user-login-history/ Vendor: Er Faiyaz Alam Tested version: 1.5.2 CVE ID: CVE-2017-15867 CVE description Multiple...
WordPress User Login History 1.5.2 Cross Site Scripting
Product: User Login History Wordpress Plugin - https://wordpress.org/plugins/user-login-history/ Vendor: Er Faiyaz Alam Tested version: 1.5.2 CVE ID: CVE-2017-15867 CVE description Multiple cross-site scripting XSS vulnerabilities in the user-login-history plugin through 1.5.2 for WordPress allow...
User Login History <= 1.5 - Cross-Site Scripting (XSS)
The User Login History WordPress plugin was affected by a Cross-Site Scripting XSS security vulnerability...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the user-login-history plugin through 1.5.2 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 datefrom, 2 dateto, 3 userid, 4 username, 5 countryname, 6 browser, 7 operatingsystem, or 8 ipaddress parameter to...
CVE-2017-15867
Multiple cross-site scripting XSS vulnerabilities in the user-login-history plugin through 1.5.2 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 datefrom, 2 dateto, 3 userid, 4 username, 5 countryname, 6 browser, 7 operatingsystem, or 8 ipaddress parameter to...
CVE-2017-15867
Multiple cross-site scripting XSS vulnerabilities in the user-login-history plugin through 1.5.2 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 datefrom, 2 dateto, 3 userid, 4 username, 5 countryname, 6 browser, 7 operatingsystem, or 8 ipaddress parameter to...
CVE-2017-15867
The CVE-2017-15867 case concerns the WordPress User Login History plugin (versions up to 1.5.2). The issue is a Cross-Site Scripting (XSS) vulnerability where user-supplied HTTP GET parameters (date_from, date_to, user_id, username, country_name, browser, operating_system, ip_address) are inserte...