4 matches found
PT-2026-25299
CVE-2026-32455 Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allows DOM-Based XSS.This issue affects ... https://t.co/yGGoLxAaYH...
CVE-2025-66458
Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other. Prior to 1.35.3, there are multiple XSS due to unsafe use of f-strings in Markup. The issue requires a malicious 3rd party server responding with a JSON document...
CVE-2024-35108
idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/homeProdeal.php?mudi=del&dataType=&dataTypeCN...
PT-2023-13945 · WordPress · Royal Elementor Addons
Name of the Vulnerable Software and Affected Versions: The Royal Elementor Addons WordPress plugin versions prior to 1.3.56 Description: The issue is related to the lack of authorization and CSRF checks when deleting a template, and it does not ensure that the post to be deleted is a template. Th...