WordPress Blocksy Companion plugin <= 2.1.19 - Authenticated (Author+) Arbitrary File Upload via SVG Upload Bypass vulnerability

Authenticated Author+ Arbitrary File Upload via SVG Upload Bypass vulnerability discovered by shark3y in WordPress Plugin Blocksy Companion versions = 2.1.19...

EUVD-2025-35530

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CrocoBlock JetWooBuilder jet-woo-builder allows DOM-Based XSS.This issue affects JetWooBuilder: from n/a through = 2.1.20...

CVE-2025-49928

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetWooBuilder jet-woo-builder allows DOM-Based XSS.This issue affects JetWooBuilder: from n/a through = 2.1.20...

CVE-2025-49928 WordPress JetWooBuilder plugin <= 2.1.20 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetWooBuilder jet-woo-builder allows DOM-Based XSS.This issue affects JetWooBuilder: from n/a through = 2.1.20...

CVE-2025-49928 WordPress JetWooBuilder plugin <= 2.1.20 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetWooBuilder jet-woo-builder allows DOM-Based XSS.This issue affects JetWooBuilder: from n/a through = 2.1.20...

WordPress plugin JetWooBuilder 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A cross-site...

EUVD-2024-22100

Malicious code in bioql PyPI...

EUVD-2025-25326

Malicious code in bioql PyPI...

CVE-2025-53998

Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetWooBuilder jet-woo-builder allows Retrieve Embedded Sensitive Data.This issue affects JetWooBuilder: from n/a through = 2.1.20...

CVE-2025-53998

CVE-2025-53998 (JetWooBuilder) : In Crocoblock JetWooBuilder (JetWooBuilder) vulnerable to insertion of sensitive information into sent data, enabling retrieval of embedded sensitive data. Affected: JetWooBuilder versions up to and including 2.1.20. Root cause per sources: exposure of sensitive d...

PT-2025-33996 · Crocoblock · Jetwoobuilder

Name of the Vulnerable Software and Affected Versions: Crocoblock JetWooBuilder versions through 2.1.20 Description: An insertion of sensitive information into sent data issue exists in Crocoblock JetWooBuilder, allowing retrieval of embedded sensitive data. Recommendations: Update JetWooBuilder ...

WordPress JetWooBuilder plugin <= 2.1.20 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter in WordPress Plugin JetWooBuilder versions = 2.1.20...

CVE-2024-24701

Cross-Site Request Forgery CSRF vulnerability in Native Grid LLC A no-code page builder for beautiful performance-based content.This issue affects A no-code page builder for beautiful performance-based content: from n/a through 2.1.20...

CVE-2024-24701

Cross-Site Request Forgery CSRF vulnerability in Native Grid LLC A no-code page builder for beautiful performance-based content.This issue affects A no-code page builder for beautiful performance-based content: from n/a through 2.1.20...

PT-2024-20497 · Native Grid Llc +2 · A No-Code Page Builder For Beautiful Performance-Based Content +2

Name of the Vulnerable Software and Affected Versions: A no-code page builder for beautiful performance-based content versions n/a through 2.1.20 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performin...

Critical: Red Hat Security Advisory: .NET Core security and bugfix update

An update for .NET Core is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

UrBackup Server Cross-Site Scripting Vulnerability

UrBackup is an easy to install open source client/server backup system . A cross-site scripting vulnerability exists in UrBackup Server before 2.1.20. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML via the action parameter...

CVE-2017-16950

Cross - site scripting XSS vulnerability in UrBackup Server before 2.1.20 allows remote attackers to inject arbitrary web script or HTML via the action parameter...

CVE-2015-2775

Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. dot dot in a list name...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in items.php in TeamPass before 2.1.20 allow remote attackers to inject arbitrary web script or HTML via the group parameter, which is not properly handled in a 1 hidcat or 2 openfolder form element, or 3 id parameter, which is not properly handle...