WordPress plugin Silencesoft RSS Reader 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVE-2025-14076

The CVE concerns the WordPress plugin iXML – Google XML sitemap generator, vulnerable to a Reflected Cross-Site Scripting (XSS) via the iXML_email parameter in all versions up to 0.6. The issue arises from insufficient input sanitization and output escaping, enabling unauthenticated attackers to ...

PT-2026-20611

The iXML – Google XML sitemap generator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'iXML email' parameter in all versions up to, and including, 0.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

CVE-2026-2153 mwielgoszewski doorman views.py is_safe_url redirect

A vulnerability was determined in mwielgoszewski doorman up to 0.6. This issue affects the function issafeurl of the file doorman/users/views.py. Executing a manipulation of the argument Next can lead to open redirect. The attack may be launched remotely. The exploit has been publicly disclosed a...

EUVD-2026-5796

A vulnerability was determined in mwielgoszewski doorman up to 0.6. This issue affects the function issafeurl of the file doorman/users/views.py. Executing a manipulation of the argument Next can lead to open redirect. The attack may be launched remotely. The exploit has been publicly disclosed a...

CVE-2025-62986

Cross-Site Request Forgery CSRF vulnerability in FanBridge FanBridge signup fanbridge-signup allows Stored XSS.This issue affects FanBridge signup: from n/a through = 0.6...

CVE-2025-62986 WordPress FanBridge signup plugin <= 0.6 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in FanBridge FanBridge signup fanbridge-signup allows Stored XSS.This issue affects FanBridge signup: from n/a through = 0.6...

WordPress FanBridge signup plugin <= 0.6 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin FanBridge signup versions = 0.6...

EUVD-2006-0866

Malware in sbrugna...

WordPress plugin Silencesoft RSS Reader 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...

CVE-2025-48303 WordPress Post Type Converter plugin <= 0.6 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Kevin Langley Jr. Post Type Converter post-type-converter allows Cross Site Request Forgery.This issue affects Post Type Converter: from n/a through = 0.6...

wordpress plugin Post Type Converter 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. wordpress plugin is an application plugin. A cross-site request forge...

CVE-2025-22574

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cleanshooter ICS Button ics-button allows Stored XSS.This issue affects ICS Button: from n/a through = 0.6...

CVE-2024-5997

The Duplica – Duplicate Posts, Pages, Custom Posts or Users plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the duplicateuser and duplicatepost functions in all versions up to, and including, 0.6. This makes it possible for authenticate...

CVE-2022-45395

Jenkins CCCC Plugin 0.6 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

CVE-2020-20665

rudp v0.6 was discovered to contain a memory leak in the component main.c...

CVE-2025-43832 WordPress Remote Images Grabber plugin <= 0.6 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in andreyk Remote Images Grabber remote-images-grabber allows Reflected XSS.This issue affects Remote Images Grabber: from n/a through = 0.6...

Shiro-Action 安全漏洞

Shiro-Action is a Shiro-based permission management system by zhao jun individual developer. A security vulnerability exists in Shiro-Action v0.6, which stems from improper access control of the component /user/list, which could lead to access to sensitive information...

WordPress plugin Sensly Online Presence 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2022-39252

matrix-rust-sdk is an implementation of a Matrix client-server library in Rust, and matrix-sdk-crypto is the Matrix encryption library. Prior to version 0.6, when a user requests a room key from their devices, the software correctly remembers the request. When the user receives a forwarded room...