EUVD-2025-15520

Malicious code in bioql PyPI...

CVE-2025-48121

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Steve Puddick WP Notes Widget wp-notes-widget allows DOM-Based XSS.This issue affects WP Notes Widget: from n/a through = 1.0.6...

CVE-2025-48121

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Steve Puddick WP Notes Widget wp-notes-widget allows DOM-Based XSS.This issue affects WP Notes Widget: from n/a through = 1.0.6...

CVE-2025-48121

CVE-2025-48121 affects the WP Notes Widget (WordPress). The issue is DOM-based XSS caused by improper input neutralization in the widget’s web page generation, impacting versions up to and including 1.0.6. The vulnerability is publicly discussed in PatchStack/PT-2025-21726 and corroborated by mul...

PT-2025-21726 · WordPress · Steve Puddick Wp Notes Widget

Name of the Vulnerable Software and Affected Versions: Steve Puddick WP Notes Widget versions 1.0.0 through 1.0.6 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows DOM-Based XSS. This means that an...