2019 matches found
PT-2025-7014 · Unknown · Notfound Coronavirus (Covid-19) Outbreak Data Widgets
Name of the Vulnerable Software and Affected Versions: NotFound Coronavirus COVID-19 Outbreak Data Widgets versions 1.1.1 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. This...
CVE-2025-25095
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in reverbnationdev ReverbNation Widgets reverbnation-widgets allows Stored XSS.This issue affects ReverbNation Widgets: from n/a through = 2.1...
CVE-2025-25095
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in reverbnationdev ReverbNation Widgets reverbnation-widgets allows Stored XSS.This issue affects ReverbNation Widgets: from n/a through = 2.1...
CVE-2025-25095
CVE-2025-25095 concerns the WordPress plugin ReverbNation Widgets. The available connected documentation confirms an XSS risk (Stored XSS) caused by improper neutralization of input during web page generation. Affected software is ReverbNation Widgets up to version 2.1 (versions n/a–2.1 noted in ...
CVE-2025-25095 WordPress ReverbNation Widgets plugin <= 2.1 - Cross Site Scripting (XSS) vulnerability<
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in reverbnationdev ReverbNation Widgets reverbnation-widgets allows Stored XSS.This issue affects ReverbNation Widgets: from n/a through = 2.1...
CVE-2025-25095 WordPress ReverbNation Widgets plugin <= 2.1 - Cross Site Scripting (XSS) vulnerability<
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in reverbnationdev ReverbNation Widgets allows Stored XSS. This issue affects ReverbNation Widgets: from n/a through 2.1...
PT-2025-5927 · Reverbnation · Reverbnation Widgets
Name of the Vulnerable Software and Affected Versions: ReverbNation Widgets versions n/a through 2.1 Description: The issue is related to improper neutralization of input during web page generation, which leads to a Cross-site Scripting XSS vulnerability, specifically Stored XSS. This allows for...
WordPress plugin ReverbNation Widgets 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2024-25926
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in IndiaNIC Widgets Controller allows Reflected XSS.This issue affects Widgets Controller: from n/a through 1.1...
CVE-2024-43271
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Themelocation Woo Products Widgets For Elementor allows PHP Local File Inclusion.This issue affects Woo Products Widgets For Elementor: from n/a through 2.0.0...
CVE-2024-43304
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Cool Plugins Cryptocurrency Widgets – Price Ticker & Coins List allows Reflected XSS.This issue affects Cryptocurrency Widgets – Price Ticker & Coins List: from n/a through 2.8.0...
CVE-2024-47312
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Grim Classic Editor and Classic Widgets classic-editor-and-classic-widgets allows SQL Injection.This issue affects Classic Editor and Classic Widgets: from n/a through = 1.4.1...
CVE-2024-29792
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Unlimited Elements Unlimited Elements For Elementor Free Widgets, Addons, Templates unlimited-elements-for-elementor.This issue affects Unlimited Elements For Elementor Free Widgets, Addons,...
CVE-2024-49614
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in SermonAudio SermonAudio Widgets sermonaudio-widgets allows SQL Injection.This issue affects SermonAudio Widgets: from n/a through = 1.9.3...
CVE-2024-42020
A Cross-site-scripting XSS vulnerability exists in the Reporter Widgets that allows HTML injection...
CVE-2024-37090
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in StylemixThemes Masterstudy Elementor Widgets, StylemixThemes Consulting Elementor Widgets.This issue affects Masterstudy Elementor Widgets: from n/a through 1.2.2; Consulting Elementor Widgets: fro...
CVE-2024-37089
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in StylemixThemes Consulting Elementor Widgets allows PHP Local File Inclusion.This issue affects Consulting Elementor Widgets: from n/a through 1.3.0...
CVE-2024-37092
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in StylemixThemes Consulting Elementor Widgets allows PHP Local File Inclusion.This issue affects Consulting Elementor Widgets: from n/a through 1.3.0...
CVE-2024-37091
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in StylemixThemes Consulting Elementor Widgets, StylemixThemes Masterstudy Elementor Widgets allows OS Command Injection.This issue affects Consulting Elementor Widgets: from n/a through 1.3.0;...
CVE-2024-22290
Cross-Site Request Forgery CSRF vulnerability in AboZain,O7abeeb,UnitOne Custom Dashboard Widgets allows Cross-Site Scripting XSS.This issue affects Custom Dashboard Widgets: from n/a through 1.3.1...