12 matches found
CVE-2025-10129
The WordPress Live Webcam Widget & Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'webcam' shortcode in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possib...
CVE-2025-10129
The WordPress Live Webcam Widget & Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'webcam' shortcode in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possib...
CVE-2025-10129
CVE-2025-10129 documents a Stored Cross‑Site Scripting vulnerability in the WordPress Live Webcam Widget & Shortcode plugin for WordPress (versions up to and including 1.2). The issue is triggered via the plugin’s 'webcam' shortcode due to insufficient input sanitization and output escaping, allo...
CVE-2025-10129 WordPress Live Webcam Widget & Shortcode <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
The WordPress Live Webcam Widget & Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'webcam' shortcode in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possib...
PT-2025-41662
Name of the Vulnerable Software and Affected Versions WordPress Live Webcam Widget & Shortcode plugin versions prior to 1.3 Description The WordPress Live Webcam Widget & Shortcode plugin is susceptible to Stored Cross-Site Scripting through the 'webcam' shortcode. Insufficient input sanitization...
EUVD-2025-31696
Malicious code in bioql PyPI...
CVE-2025-10130
The Layers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'webcam' shortcode in all versions up to, and including, 0.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, wi...
CVE-2025-10130
The Layers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'webcam' shortcode in all versions up to, and including, 0.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, wi...
CVE-2025-10130 Layers <= 0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Layers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'webcam' shortcode in all versions up to, and including, 0.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, wi...
CVE-2025-10130
CVE-2025-10130 concerns the WordPress Layers plugin (vulnerable versions:
CVE-2025-10130 Layers <= 0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Layers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'webcam' shortcode in all versions up to, and including, 0.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, wi...
PT-2025-39930
Name of the Vulnerable Software and Affected Versions Layers plugin for WordPress versions prior to 0.6 Description The Layers plugin for WordPress is susceptible to Stored Cross-Site Scripting through the 'webcam' shortcode. This is due to inadequate input sanitization and output escaping of...