CVE-2025-67549

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bobbingwide oik oik allows DOM-Based XSS.This issue affects oik: from n/a through = 4.15.3...

EUVD-2025-202097

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bobbingwide oik oik allows DOM-Based XSS.This issue affects oik: from n/a through = 4.15.3...

CVE-2025-67549

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bobbingwide oik oik allows DOM-Based XSS.This issue affects oik: from n/a through = 4.15.3...

CVE-2025-67549

CVE-2025-67549 affects the WordPress plugin oik up to version 4.15.3. Root cause: improper input neutralization during web page generation, enabling DOM-based XSS. Impact: DOM-based XSS with Low–Medium confidentiality, integrity, and availability effects (CVSS v3.1 base 6.5). Affected product: oik

WordPress plugin oik 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

PT-2025-49923

CVE-2025-67549 Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bobbingwide oik oik allows DOM-Based XSS.This issue affects oik:… https://t.co/n89C6BHSeV...

WordPress oik Plugin <= 4.15.2 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin oik versions = 4.15.2...

WordPress ProfilePress Plugin < 4.15.3 XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:properfraction:profilepress"; if description...

WordPress MStore API plugin <= 4.15.3 - Unauthorized User Registration vulnerability

Unauthorized User Registration vulnerability discovered by wesley wcraft in WordPress Plugin MStore API versions = 4.15.3...

WordPress MStore API Plugin <= 4.15.3 is vulnerable to Arbitrary File Upload

Software MStore API Type Plugin Vulnerable versions = 4.15.3 Fixed in 4.15.4 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-8242 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 5f5d39cca07a Credits stealthcopter Required privilege...

WordPress plugin MStore API 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress ProfilePress Plugin <= 4.15.2 is vulnerable to Cross Site Scripting (XSS)

Software ProfilePress Type Plugin Vulnerable versions = 4.15.2 Fixed in 4.15.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1535 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 06caa12c0913 Credits Arkadiusz Hydzik Required...

WordPress Matomo Analytics Plugin <= 4.15.3 is vulnerable to Cross Site Scripting (XSS)

Software Matomo Analytics Type Plugin Vulnerable versions = 4.15.3 Fixed in 5.0.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6923 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d69c8015e6ca Credits Felipe Restrepo...

Sierra Wireless AceManager Detection (HTTP)

HTTP based detection Sierra Wireless AceManager. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...