14 matches found
Dash Framework - Cross-site Scripting
Dash framework versions before 2.15.0 are vulnerable to Cross-site Scripting XSS via href attribute in anchor tags. This template tests for javascript:alert payload injection. id: CVE-2024-21485 info: name: Dash Framework - Cross-site Scripting author: Lee Changhyuneeche severity: medium...
Advisory ROSA-SA-2025-2924
software: qt5-qtbase 5.15.16 WASP: ROSA-CHROME unaffected versions = qt5-qtbase-5.15.16-3 affected versions qt5-qtbase-5.15.16-3 CVE-ID: CVE-2025-30348 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in QDom allows a remote attacker to execute a complex algorithm involving copying XML...
WordPress FoodMenu <= 1.20 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin FoodMenu versions = 1.20...
WordPress Infility Global plugin <= 2.13.4 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by astra.r3verii in WordPress Plugin Infility Global versions = 2.13.4...
WordPress Content Manager Light plugin <= 3.2 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao KhanhVCI - VNPT in WordPress Plugin Content Manager Light versions = 3.2...
WordPress WP VR plugin <= 8.5.26 - Arbitrary File Upload Vulnerability
Arbitrary File Upload Vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin WP VR versions = 8.5.26...
WordPress Syndicate Out <= 0.9 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Nguyen Xuan Chien Patchstack Alliance in WordPress Plugin Syndicate Out versions = 0.9...
WordPress WP Featured Screenshot Plugin <= 1.3 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh in WordPress Plugin WP Featured Screenshot versions = 1.3...
WordPress FS Poster plugin <= 6.5.8 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin FS Poster versions = 6.5.8...
WordPress Stop Registration Spam Plugin <= 1.24 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k in WordPress Plugin Stop Registration Spam versions = 1.24...
WordPress UXsniff Plugin <= 1.3.1 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin UXsniff versions = 1.3.1...
WordPress Easy Contact plugin <= 0.1.2 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Phat RiO - Fore-Z co.ltd in WordPress Plugin Easy Contact versions = 0.1.2...
Advisory ROSA-SA-2025-2570
software: php 7.4.33 WASP: ROSA-CHROME packageevrstring: php-7.4.33-11 CVE-ID: CVE-2022-4900 BDU-ID: 2023-02666 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the phpcliserverstartupworkers sapi/cli/phpcliserver.c function of the PHP programming language interpreter is related to an operation...
open62541:fuzz_json_decode: Use-of-uninitialized-value in jumpOverRec
Detailed Report: https://oss-fuzz.com/testcase?key=5769092627955712 Project: open62541 Fuzzing Engine: libFuzzer Fuzz Target: fuzzjsondecode Job Type: libfuzzermsanopen62541 Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: jumpOverRec jumpOverRec jumpOverRec...