29 matches found
CVE-2024-2263
Themify WordPress plugin before 1.4.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
EUVD-2021-11797
Malware in sbrugna...
EUVD-2022-43232
Malicious code in bioql PyPI...
EUVD-2025-17373
Malicious code in bioql PyPI...
EUVD-2024-51697
Malicious code in bioql PyPI...
EUVD-2024-50767
Malicious code in bioql PyPI...
EUVD-2023-24080
Malicious code in bioql PyPI...
EUVD-2024-27279
Malicious code in bioql PyPI...
EUVD-2024-49521
Malicious code in bioql PyPI...
CVE-2025-5921
The SureForms WordPress plugin before 1.7.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against both authenticated and unauthenticated users...
CVE-2025-47652 WordPress Infility Global plugin <= 2.13.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Infility Infility Global infility-global allows Reflected XSS.This issue affects Infility Global: from n/a through = 2.13.4...
CVE-2025-27361
CVE-2025-27361 concerns the WordPress plugin “Photo Express for Google” (thhake) with versions
CVE-2023-3118
The Export All URLs WordPress plugin before 4.6 does not sanitise and escape a parameter before outputting them back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2021-25006
The MOLIE WordPress plugin through 0.5 does not escape the courseid parameter before outputting it back in the admin dashboard, leading to a Reflected Cross-Site Scripting issue...
CVE-2025-1303
The Plugin Oficial WordPress plugin through 1.7.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users...
CVE-2025-27308
CVE-2025-27308 : WordPress WP Video Posts plugin is affected (versions up to 3.5.1) by a Reflected Cross-Site Scripting vulnerability caused by improper neutralization of input during web page generation. Public details consistently reference WP Video Posts in this CVE; exploitation status and fi...
CVE-2025-32651 WordPress SERPed.net Plugin <= 4.6 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in serpednet SERPed.net serped-net allows Reflected XSS.This issue affects SERPed.net: from n/a through = 4.6...
CVE-2025-22263 WordPress Global Gallery plugin <= 8.8.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NotFound Global Gallery allows Reflected XSS. This issue affects Global Gallery: from n/a through 8.8.0...
CVE-2025-32553 WordPress RestroPres Plugin <= 3.1.8.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Magnigenie RestroPress allows Reflected XSS. This issue affects RestroPress: from n/a through 3.1.8.4...
CVE-2024-13876
The mEintopf WordPress plugin through 0.2.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...