176 matches found
PT-2025-46205
Name of the Vulnerable Software and Affected Versions ProsemirrorToHtml versions 0.2.0 and below Description The prosemirror to html gem contains a flaw that allows for Cross-Site Scripting XSS attacks. This is due to improper handling of HTML attribute values during the conversion of...
GHSA-52C5-VH7F-26FX Cross-Site Scripting (XSS) vulnerability through unescaped HTML attribute values
Impact The prosemirrortohtml gem is vulnerable to Cross-Site Scripting XSS attacks through malicious HTML attribute values. While tag content is properly escaped, attribute values are not, allowing attackers to inject arbitrary JavaScript code. Who is impacted: - Any application using...
EUVD-2005-0294
Malware in sbrugna...
EUVD-2019-0031
Malware in sbrugna...
EUVD-2025-25455
Malicious code in bioql PyPI...
EUVD-2025-8599
Malicious code in bioql PyPI...
EUVD-2025-25449
Malicious code in bioql PyPI...
EUVD-2025-10556
Malicious code in bioql PyPI...
EUVD-2025-28522
Malicious code in bioql PyPI...
EUVD-2025-29217
Malicious code in bioql PyPI...
EUVD-2025-25457
Malicious code in bioql PyPI...
EUVD-2025-7908
Malicious code in bioql PyPI...
EUVD-2022-4704
Malicious code in bioql PyPI...
EUVD-2025-23413
Malicious code in bioql PyPI...
CVE-2025-10180
The Markdown Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'markdown' shortcode in all versions up to, and including, 0.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticat...
CVE-2025-10180
The Markdown Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'markdown' shortcode in all versions up to, and including, 0.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticat...
CVE-2025-10180
The Markdown Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'markdown' shortcode in all versions up to, and including, 0.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticat...
CVE-2025-10180 Markdown Shortcode <= 0.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Markdown Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'markdown' shortcode in all versions up to, and including, 0.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticat...
PT-2025-39516
Name of the Vulnerable Software and Affected Versions Markdown Shortcode plugin for WordPress versions prior to 0.2.2 Description The Markdown Shortcode plugin for WordPress is susceptible to Stored Cross-Site Scripting through the 'markdown' shortcode. Insufficient input sanitization and output...
WordPress plugin Markdown Shortcode 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-site...