CVE-2025-13910

The WP-WebAuthn plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting via the wwaauth AJAX endpoint in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping on user supplied attributes logged by the plugin. This makes it...

CVE-2025-13910

The CVE-2025-13910 entry affects the WP-WebAuthn WordPress plugin. All versions up to 1.3.4 are vulnerable to Unauthenticated Stored Cross-Site Scripting via the wwa_auth AJAX endpoint due to insufficient input sanitization and output escaping on user-supplied attributes logged by the plugin. Thi...

EUVD-2024-42575

Malicious code in bioql PyPI...

CVE-2024-9023

The WP-WebAuthn plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wwaloginform shortcode in all versions up to, and including, 1.3.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2024-47650

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Axton WP-WebAuthn wp-webauthn allows Stored XSS.This issue affects WP-WebAuthn: from n/a through = 1.3.1...

CVE-2024-47650

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Axton WP-WebAuthn wp-webauthn allows Stored XSS.This issue affects WP-WebAuthn: from n/a through = 1.3.1...

CVE-2024-47650 WordPress WP-WebAuthn plugin <= 1.3.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Axton WP-WebAuthn wp-webauthn allows Stored XSS.This issue affects WP-WebAuthn: from n/a through = 1.3.1...

CVE-2024-47650

CVE-2024-47650 : A stored XSS vulnerability exists in the WordPress WP-WebAuthn plugin up to version 1.3.1 due to improper input neutralization during web page generation. The issue affects WP-WebAuthn

WordPress plugin WP-WebAuthn 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...

WordPress WP-WebAuthn Plugin <= 1.3.1 is vulnerable to Cross Site Scripting (XSS)

Software WP-WebAuthn Type Plugin Vulnerable versions = 1.3.1 Fixed in 1.3.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47650 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a5c171e8acd4 Credits theviper17 Required privilege Contributor...

CVE-2024-9023

The WP-WebAuthn plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wwaloginform shortcode in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...