CVE-2025-49046

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup xPromoter topbarpromoter allows Reflected XSS.This issue affects xPromoter: from n/a through = 1.3.4...

CVE-2025-49046

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup xPromoter topbarpromoter allows Reflected XSS.This issue affects xPromoter: from n/a through = 1.3.4...

CVE-2025-49046

CVE-2025-49046 (LambertGroup xPromoter top_bar_promoter) : The Red Hat/NVD/Patchstack data describe a reflected Cross‑Site Scripting (XSS) vulnerability in LambertGroup xPromoter’s top_bar_promoter for versions up to and including 1.3.4. The issue arises from improper neutralization of input duri...

CVE-2025-49046

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup xPromoter topbarpromoter allows Reflected XSS.This issue affects xPromoter: from n/a through = 1.3.4...

CVE-2025-49046 WordPress xPromoter plugin <= 1.3.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup xPromoter topbarpromoter allows Reflected XSS.This issue affects xPromoter: from n/a through = 1.3.4...

CVE-2025-49046 WordPress xPromoter plugin <= 1.3.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup xPromoter topbarpromoter allows Reflected XSS.This issue affects xPromoter: from n/a through = 1.3.4...

WordPress plugin xPromoter has a cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

PT-2026-3969

Name of the Vulnerable Software and Affected Versions LambertGroup xPromoter versions through 1.3.4 Description A Reflected Cross-site Scripting XSS issue exists in the top bar promoter component of LambertGroup xPromoter. This allows for improper neutralization of input during web page generatio...

WordPress xPromoter plugin <= 1.3.4 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin xPromoter versions = 1.3.4...

CVE-2025-68053

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup xPromoter topbarpromoter allows Blind SQL Injection.This issue affects xPromoter: from n/a through = 1.3.4...

EUVD-2025-203554

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup xPromoter topbarpromoter allows Blind SQL Injection.This issue affects xPromoter: from n/a through = 1.3.4...

CVE-2025-68053 WordPress xPromoter plugin <= 1.3.4 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup xPromoter topbarpromoter allows Blind SQL Injection.This issue affects xPromoter: from n/a through = 1.3.4...

CVE-2025-68053 WordPress xPromoter plugin <= 1.3.4 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup xPromoter topbarpromoter allows Blind SQL Injection.This issue affects xPromoter: from n/a through = 1.3.4...

CVE-2025-68053

CVE-2025-68053 concerns the WordPress plugin xPromoter (LambertGroup)

WordPress plugin xPromoter 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

PT-2025-51444

Name of the Vulnerable Software and Affected Versions LambertGroup xPromoter versions through 1.3.4 Description A flaw exists in LambertGroup xPromoter that allows for Blind SQL Injection due to improper neutralization of special elements used in an SQL command. This issue could potentially allow...

WordPress xPromoter plugin <= 1.3.4 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin xPromoter versions = 1.3.4...