Nixpkgs security tracker

Untriaged

Permalink CVE-2025-47509

6.5 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): REQUIRED
Scope (S): CHANGED
Confidentiality impact (C): LOW
Integrity impact (I): LOW
Availability impact (A): LOW

created 11 months, 1 week ago

WordPress Top 10 <= 4.1.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ajay Top 10 allows Stored XSS. This issue affects Top 10: from n/a through 4.1.0.

References

https://patchstack.com/database/wordpress/plugin/top-10/vulnerability/wordpress… vdb-entry

Affected products

top-10

=<4.1.0

Matching in nixpkgs

pkgs.budgie-desktop

Feature-rich, modern desktop designed to keep out the way of the user

nixos-unstable 10.9.2
- nixpkgs-unstable 10.9.2
- nixos-unstable-small 10.9.2

pkgs.gnomeExtensions.pip-on-top

Makes "Picture-in-Picture" windows stay on top (even on Wayland session). Compatible with Firefox, but may work with few other browsers too.

nixos-unstable 10
- nixpkgs-unstable 10
- nixos-unstable-small 10

pkgs.gnomeExtensions.show-apps-at-top

Put show apps icon at top in Gnome default dash

nixos-unstable 10
- nixpkgs-unstable 10

Package maintainers

@bobby285271 Bobby Rong <rjl931189261@126.com>
@getchoo Seth Flynn <getchoo@tuta.io>
@honnip Jung seungwoo <me@honnip.page>