WordPress WPS Visitor Counter plugin plugin <= 1.4.8 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Bob Matyas in WordPress Plugin WPS Visitor Counter versions = 1.4.8...

CVE-2025-9116

The WPS Visitor Counter WordPress plugin through 1.4.8 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

CVE-2025-9116

The WPS Visitor Counter WordPress plugin through 1.4.8 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

CVE-2025-9116

The WPS Visitor Counter WordPress plugin through 1.4.8 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

CVE-2025-9116 WPS Visitor Counter Plugin <= 1.4.8 - Reflected XSS via $_SERVER['REQUEST_URI']

The WPS Visitor Counter WordPress plugin through 1.4.8 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

CVE-2025-9116 WPS Visitor Counter Plugin <= 1.4.8 - Reflected XSS via $_SERVER['REQUEST_URI']

The WPS Visitor Counter WordPress plugin through 1.4.8 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

EUVD-2025-203238

The WPS Visitor Counter Plugin WordPress plugin through 1.4.8 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

WordPress plugin WPS Visitor Counter Plugin 安全漏洞

...

PT-2025-51089

The WPS Visitor Counter Plugin WordPress plugin through 1.4.8 does not escape the $ SERVER'REQUEST URI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

EUVD-2025-8594

Malicious code in bioql PyPI...

EUVD-2025-17192

Malicious code in bioql PyPI...

CVE-2025-30627

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in regolithsjk Elegant Visitor Counter elegant-visitor-counter allows Stored XSS.This issue affects Elegant Visitor Counter: from n/a through = 3.1...

CVE-2025-30627

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in regolithsjk Elegant Visitor Counter elegant-visitor-counter allows Stored XSS.This issue affects Elegant Visitor Counter: from n/a through = 3.1...

CVE-2025-30627 WordPress Elegant Visitor Counter plugin <= 3.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in regolithsjk Elegant Visitor Counter elegant-visitor-counter allows Stored XSS.This issue affects Elegant Visitor Counter: from n/a through = 3.1...

CVE-2025-30627 WordPress Elegant Visitor Counter plugin <= 3.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in regolithsjk Elegant Visitor Counter elegant-visitor-counter allows Stored XSS.This issue affects Elegant Visitor Counter: from n/a through = 3.1...

CVE-2025-30627

CVE-2025-30627 describes a Stored XSS in Elegant Visitor Counter (WordPress plugin) due to improper input neutralization during web page generation. Affected software: Elegant Visitor Counter up to version 3.1. Root cause: inadequate sanitization of input leading to script injection in pages gene...

PT-2025-24148 · Unknown · Elegant Visitor Counter

Name of the Vulnerable Software and Affected Versions: Elegant Visitor Counter versions n/a through 3.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can...

WordPress plugin Elegant Visitor Counter 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...

WordPress Elegant Visitor Counter plugin <= 3.1 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin Elegant Visitor Counter versions = 3.1...

CVE-2025-31449

Cross-Site Request Forgery CSRF vulnerability in EricH The Visitor Counter the-visitor-counter allows Stored XSS.This issue affects The Visitor Counter: from n/a through = 1.4.3...