CVE-2025-49945

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kylegetson Shortcode Generator shortcode-generator allows Reflected XSS.This issue affects Shortcode Generator: from n/a through = 1.1...

Selio - Real Estate Directory <= 1.1 - SQL Injection & Persistent XSS

----- SQL Injection: ----- Vulnerable 'id' parameter is https://listing-themes.com/selio-wp/wp-admin/admin.php?page=ownlistingaddlisting=21 ----- Persistent XSS: ----- You need a new user account, then go to any property listing on the website and use 'ENQUIRY FORM' on the right sidebar. Or you...