38 matches found
CVE-2025-69011
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPKube Cool Tag Cloud cool-tag-cloud allows Stored XSS. This issue affects Cool Tag Cloud: from n/a through <= 2.29...
CVE-2025-69011 WordPress Cool Tag Cloud plugin <= 2.29 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPKube Cool Tag Cloud cool-tag-cloud allows Stored XSS. This issue affects Cool Tag Cloud: from n/a through <= 2.29...
PT-2026-21120
Name of the Vulnerable Software and Affected Versions: WPKube Cool Tag Cloud versions through 2.29 Description: The software contains a flaw related to improper input handling during web page creation, specifically a Stored Cross-site Scripting issue. This allows for the injection of malicious...
WordPress Cool Tag Cloud plugin <= 2.29 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Cool Tag Cloud versions <= 2.29...
CVE-2025-13614
CVE-2025-13614 corresponds to a Stored Cross‑Site Scripting (XSS) vulnerability in the WordPress plugin Cool Tag Cloud. Public details confirm: all versions up to and including 2.29 are affected due to insufficient input sanitization and output escaping on user-supplied attributes in the cool_tag...
CVE-2025-13614 Cool Tag Cloud <= 2.29 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Cool Tag Cloud plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'cooltagcloud' shortcode in all versions up to, and including, 2.29 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...
CVE-2025-34313
IPFire
CVE-2025-34313 IPFire < v2.29 Stored XSS via User Quota Rule URL Filter
IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the QUOTAUSERS parameter when creating a user quota rule. When a user adds a new user quota rule the application...
PT-2025-44174
Name of the Vulnerable Software and Affected Versions: IPFire versions prior to 2.29 (Core Update 198) Description: IPFire versions prior to 2.29 (Core Update 198) are susceptible to a stored cross-site scripting (XSS) issue. An authenticated attacker can inject arbitrary JavaScript code through the...
EUVD-2017-4025
Malware in sbrugna...
EUVD-2021-27821
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-27626
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in Dotclear version 2.29. The flaw exists within the Search functionality of the Admin...
PT-2025-34797 · Ipfire · Ipfire
Name of the Vulnerable Software and Affected Versions: IPFire version 2.29 Description: The Calamaris log exporter CGI script /cgi-bin/logs.cgi/calamaris.dat does not properly sanitize user-supplied input before using it in shell commands. This allows a remote, unauthenticated attacker to inject...
IPFire security vulnerability
IPFire is an open source Linux distribution from the IPFire organization. It is primarily used as a router and firewall. A security vulnerability exists in IPFire version 2.29, which stems from logs.cgi not sanitizing user input and could lead to the execution of arbitrary OS commands...
CVE-2025-51529
Incorrect Access Control in the AJAX endpoint functionality in jonkastonka Cookies and Content Security Policy plugin through version 2.29 allows remote attackers to cause a denial of service (database server resource exhaustion) via unlimited database write operations to the...
PT-2025-33736 · WordPress · Jonkastonka Cookies/Content Security Policy
Name of the Vulnerable Software and Affected Versions: jonkastonka Cookies and Content Security Policy plugin versions through 2.29 Description: Incorrect access control in the AJAX endpoint functionality allows remote attackers to cause a denial of service (database server resource exhaustion) via...
CVE-2024-27626
A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in Dotclear version 2.29. The flaw exists within the Search functionality of the Admin Panel...
Dotclear security vulnerability
Dotclear is an open source blog publishing application from Dotclear Open Source. A security vulnerability exists in Dotclear version 2.29, which stems from a reflected cross-site scripting (XSS) vulnerability in the Search function of the Admin Panel...