CVE-2025-22738

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alimir WP ULike wp-ulike allows Stored XSS.This issue affects WP ULike: from n/a through = 4.7.6...

CVE-2018-11331

An issue was discovered in Pluck before 4.7.6. Remote PHP code execution is possible because the set of disallowed filetypes for uploads in missing some applicable ones such as .phtml and .htaccess...

PT-2025-21443 · WordPress · Wp Ulike

Name of the Vulnerable Software and Affected Versions: WP ULike WordPress plugin versions prior to 4.7.6 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This can occur even when the unfiltered html capability is disallowed, for...

CVE-2025-22738 WordPress WP ULike plugin <= 4.7.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TechnoWich WP ULike allows Stored XSS.This issue affects WP ULike: from n/a through 4.7.6...

WordPress plugin WP ULike 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripti...

CVE-2024-37386

An issue was discovered in Stormshield Network Security SNS 4.0.0 through 4.3.25, 4.4.0 through 4.7.5, and 4.8.0. Certain manipulations allow restarting in single-user mode despite the activation of secure boot. The following versions fix this: 4.3.27, 4.7.6, and 4.8.2...

WordPress Bold Page Builder Plugin <= 4.7.6 is vulnerable to Cross Site Scripting (XSS)

Software Bold Page Builder Type Plugin Vulnerable versions = 4.7.6 Fixed in 4.7.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-30179 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 767144e6c86c Credits LVT-tholv2k Required privilege...

CVE-2023-43792 baserCMS Code Injection Vulnerability in Mail Form Feature

baserCMS is a website development framework. In versions 4.6.0 through 4.7.6, there is a Code Injection vulnerability in the mail form of baserCMS. As of time of publication, no known patched versions are available...

baserCMS 代码注入漏洞

baserCMS is an enterprise-level content management system CMS from the baserCMS team. A code injection vulnerability exists in baserCMS versions 4.6.0 through 4.7.6, which stems from the application's failure to properly filter special elements of constructed snippets. An attacker can exploit the...

PT-2023-20906 · Ruoyi · Ruoyi

Name of the Vulnerable Software and Affected Versions: RuoYi versions 4.7.6 and below Description: An arbitrary file download issue in the background management module allows attackers to download arbitrary files on the server. Recommendations: For versions 4.7.6 and below, update to a version...

phpMyAdmin 4.7.0 <= 4.7.6, 4.8.0 <= 4.8.3 XSRF/CSRF Vulnerability (PMASA-2018-7) - Windows

phpMyAdmin is prone to an cross-site ccripting XSS and cross- site request forgery CSRF vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...