EUVD-2025-24688

Malicious code in bioql PyPI...

CVE-2025-54706

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Noor Alam Magical Posts Display magical-posts-display allows DOM-Based XSS.This issue affects Magical Posts Display: from n/a through = 1.2.52...

CVE-2025-54706 WordPress Magical Posts Display Plugin plugin <= 1.2.52 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Noor Alam Magical Posts Display allows DOM-Based XSS. This issue affects Magical Posts Display: from n/a through 1.2.52...

CVE-2025-54706

CVE-2025-54706 concerns the WordPress plugin Magical Posts Display (versions up to and including 1.2.52). The issue is a DOM-based cross-site scripting (XSS) vulnerability caused by improper neutralization of user input during web page generation. Impact, per the sources, is low to medium across ...

WordPress plugin Magical Posts Display 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

Sliderby10Web < 1.2.52 - Admin+ Stored Cross-Site Scripting

The plugin does not properly sanitize and escape some of its settings, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed Create/edit a slider, put the following payload in the CSS settings and save: The XSS will be...