WordPress WHIZZ <=1.0.7 - Cross-Site Scripting

WordPress plugin WHIZZ 1.07 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication...

CVE-2026-24955

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fox-themes Whizz Plugins whizz-plugins allows Reflected XSS.This issue affects Whizz Plugins: from n/a through = 1.9...

CVE-2026-24955

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fox-themes Whizz Plugins whizz-plugins allows Reflected XSS.This issue affects Whizz Plugins: from n/a through = 1.9...

CVE-2026-24955 WordPress Whizz Plugins plugin <= 1.9 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fox-themes Whizz Plugins whizz-plugins allows Reflected XSS.This issue affects Whizz Plugins: from n/a through = 1.9...

CVE-2026-24955

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fox-themes Whizz Plugins whizz-plugins allows Reflected XSS.This issue affects Whizz Plugins: from n/a through = 1.9...

CVE-2026-24955 WordPress Whizz Plugins plugin <= 1.9 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fox-themes Whizz Plugins whizz-plugins allows Reflected XSS.This issue affects Whizz Plugins: from n/a through = 1.9...

CVE-2026-24955

CVE-2026-24955 corresponds to a Reflected XSS in Fox-Themes Whizz Plugins (WordPress) up to version 1.9. Affected component: Whizz Plugins in WordPress; vulnerability arises from improper input neutralization during web page generation, enabling reflected script execution. Impact per sources: use...

PT-2026-21236

Name of the Vulnerable Software and Affected Versions fox-themes Whizz Plugins versions through 1.9 Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a potential Reflected Cross-Site Scripting XSS issue. This allows an...

WordPress plugin Whizz Plugins 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress Whizz Plugins plugin <= 1.9 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Whizz Plugins versions = 1.9...

EUVD-2017-17062

Malware in sbrugna...

EUVD-2016-1098

Malware in sbrugna...

EUVD-2024-28463

Malicious code in bioql PyPI...

MAL-2025-35321 Malicious code in test-mlw2-feare-chile-whizz-torcs (npm)

The package test-mlw2-feare-chile-whizz-torcs was found to contain malicious code...

Malicious code in test-mlw1-feare-chile-whizz-torcs (npm)

The package test-mlw1-feare-chile-whizz-torcs was found to contain malicious code...

Malicious code in test-mlw2-feare-chile-whizz-torcs (npm)

The package test-mlw2-feare-chile-whizz-torcs was found to contain malicious code...

CVE-2024-30543

Authorization Bypass Through User-Controlled Key vulnerability in UPQODE Whizz.This issue affects Whizzy: from n/a through 1.1.18...

CVE-2017-8099

There is CSRF in the WHIZZ plugin before 1.1.1 for WordPress, allowing attackers to delete any WordPress users and change the plugin's status via a GET request...

CVE-2024-30543

Authorization Bypass Through User-Controlled Key vulnerability in UPQODE Whizz.This issue affects Whizzy: from n/a through 1.1.18...

CVE-2024-30543

CVE-2024-30543 is an authorization bypass via a user-controlled key in the UPQODE Whizz/Whizzy WordPress plugin, affecting versions from n/a to 1.1.18. The CVSS 3.1 base score is 6.5 (Network attack, Low attack complexity, Privileges Required: None, User Interaction: None, Confidentiality/Integri...