EUVD-2024-35410

Malicious code in bioql PyPI...

EUVD-2024-43546

Malicious code in bioql PyPI...

CVE-2025-58625

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Spiffy Plugins WP Flow Plus wp-imageflow2 allows Stored XSS.This issue affects WP Flow Plus: from n/a through = 5.2.5...

PT-2025-35758

Name of the Vulnerable Software and Affected Versions: WP Flow Plus versions through 5.2.5 Description: The software contains an Improper Neutralization of Input During Web Page Generation issue, which allows for Stored Cross-site Scripting XSS. Recommendations: Update WP Flow Plus to a version...

CVE-2024-49695

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Spiffy Plugins WP Flow Plus wp-imageflow2 allows Stored XSS.This issue affects WP Flow Plus: from n/a through = 5.2.3...

CVE-2024-49695

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Spiffy Plugins WP Flow Plus wp-imageflow2 allows Stored XSS.This issue affects WP Flow Plus: from n/a through = 5.2.3...

CVE-2024-49695

CVE-2024-49695 involves a Stored XSS in WP Flow Plus (WordPress) due to improper input neutralization during web page generation in versions up to 5.2.3. The vulnerability affects WP Flow Plus and can be mitigated by upgrading to version 5.2.4 or later, per Patchstack and related sources. The CVE...

CVE-2024-49695 WordPress WP Flow Plus plugin <= 5.2.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Spiffy Plugins WP Flow Plus wp-imageflow2 allows Stored XSS.This issue affects WP Flow Plus: from n/a through = 5.2.3...

WordPress WP Flow Plus Plugin <= 5.2.3 is vulnerable to Cross Site Scripting (XSS)

Software WP Flow Plus Type Plugin Vulnerable versions = 5.2.3 Fixed in 5.2.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49695 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 744e1a3e2d91 Credits theviper17 Required privilege Contributor...

CVE-2024-35651

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Spiffy Plugins WP Flow Plus allows Stored XSS.This issue affects WP Flow Plus: from n/a through 5.2.2...

CVE-2024-35651

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Spiffy Plugins WP Flow Plus allows Stored XSS.This issue affects WP Flow Plus: from n/a through 5.2.2...

CVE-2024-35651 WordPress WP Flow Plus plugin <= 5.2.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Spiffy Plugins WP Flow Plus allows Stored XSS.This issue affects WP Flow Plus: from n/a through 5.2.2...

WordPress WP Flow Plus Plugin <= 5.2.2 is vulnerable to Cross Site Scripting (XSS)

Software WP Flow Plus Type Plugin Vulnerable versions = 5.2.2 Fixed in 5.2.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-35651 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID bcb093c2f536 Credits LVT-tholv2k Required privilege Contributo...