149 matches found
CVE-2025-14941
The GZSEO plugin for WordPress is vulnerable to authorization bypass leading to Stored Cross-Site Scripting in all versions up to, and including, 2.0.11. This is due to missing capability checks on multiple AJAX handlers combined with insufficient input sanitization and output escaping on the...
CVE-2025-14941
The GZSEO plugin for WordPress is vulnerable to authorization bypass leading to Stored Cross-Site Scripting in all versions up to, and including, 2.0.11. This is due to missing capability checks on multiple AJAX handlers combined with insufficient input sanitization and output escaping on the...
CVE-2025-14941
The GZSEO plugin for WordPress is vulnerable to authorization bypass leading to Stored Cross-Site Scripting in all versions up to, and including, 2.0.11. This is due to missing capability checks on multiple AJAX handlers combined with insufficient input sanitization and output escaping on the...
CVE-2025-14941
The CVE CVE-2025-14941 affects the WordPress plugin GZSEO (versions up to and including 2.0.11). The authenticated attacker (Contributor+ level) can bypass authorization due to missing capability checks on multiple AJAX handlers and insufficient input sanitization/output escaping on the embed_cod...
WordPress GZSEO plugin <= 2.0.11 - Authenticated (Contributor+) Authorization Bypass to Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Authorization Bypass to Stored Cross-Site Scripting vulnerability discovered by Paolo Tresso - Wordfence in WordPress Plugin GZSEO versions = 2.0.11...
WordPress plugin GZSEO has a cross-site scripting vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
a-mailx (=0.1.0), aaaai (>=0.1.3 <=0.3.0) +335 more potentially affected by CVE-2025-67221 via orjson (>=2.0.11 <=3.11.4)
orjson PYPI version =2.0.11, =0.1.3, =4.8.2, =0.1.3, =0.0.5, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.31, =0.0.1, =0.0.3, =0.2.0, =0.1.1, =0.6.0.post1 and more Source cves: CVE-2025-67221 Source advisory: OSV:PYSEC-2026-107...
be.objectify:objectify-struts2-tags (=1.0), br.net.woodstock.rockframework:rockframework-struts2 (>=2.0.0 <=2.0.8) +229 more potentially affected by CVE-2025-64775 via org.apache.struts:struts2-core (>=2.0.11 <=2.3.37)
org.apache.struts:struts2-core MAVEN version =2.0.11, =2.0.0, =1.2.1, =1.5.3, =1.5.3, =1.2.2, =1.2.2, =1.2.2, =1.2.2, =0.5.9, =1.2.0, =1.2.3 and more Source cves: CVE-2025-64775 Source advisory: OSV:GHSA-XX7V-HQXH-CJR9...
CVE-2025-64104
LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB both sync and async, via aiosqlite. Prior to 2.0.11, LangGraph's SQLite store implementation contains SQL injection vulnerabilities using direct string concatenation without proper parameterization,...
CVE-2025-64104
LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB both sync and async, via aiosqlite. Prior to 2.0.11, LangGraph's SQLite store implementation contains SQL injection vulnerabilities using direct string concatenation without proper parameterization,...
CVE-2025-64104
LangGraph SQLite Checkpoint (SqliteStore) has a SQL injection vulnerability due to direct string concatenation when building JSON path-based filters. Effective prior to version 2.0.11, this flaw could allow attackers with local privileges to inject arbitrary SQL and bypass access controls. The is...
CVE-2025-64104 LangGraph SQLite Checkpoint Filter Key SQL Injection POC for SqliteStore
LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB both sync and async, via aiosqlite. Prior to 2.0.11, LangGraph's SQLite store implementation contains SQL injection vulnerabilities using direct string concatenation without proper parameterization,...
CVE-2025-64104 LangGraph SQLite Checkpoint Filter Key SQL Injection POC for SqliteStore
LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB both sync and async, via aiosqlite. Prior to 2.0.11, LangGraph's SQLite store implementation contains SQL injection vulnerabilities using direct string concatenation without proper parameterization,...
langchainlanggraph-checkpoint-sqlite SQL注入漏洞
langchainlanggraph-checkpoint-sqlite is an open source database connectivity Python library from LangChain. An SQL injection vulnerability exists in langchainlanggraph-checkpoint-sqlite versions prior to 2.0.11, which stems from the use of a direct string concatenation that is not properly...
EUVD-2021-1473
Malware in sbrugna...
EUVD-2004-1441
Malware in sbrugna...
EUVD-2021-21305
Malware in sbrugna...
EUVD-2020-19969
Malware in sbrugna...
EUVD-2008-0675
Malware in sbrugna...
EUVD-2025-3442
Malicious code in bioql PyPI...