EUVD-2024-19855

Malicious code in bioql PyPI...

CVE-2024-22294

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in IP2Location IP2Location Country Blocker.This issue affects IP2Location Country Blocker: from n/a through 2.33.3...

CVE-2024-22294

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in IP2Location IP2Location Country Blocker.This issue affects IP2Location Country Blocker: from n/a through 2.33.3...

WordPress plugin IP2Location Country Blocker Information Disclosure Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. An information disclosure vulnerability exists in the...

CVE-2023-4248

The GiveWP plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.33.3. This is due to missing or incorrect nonce validation on the givestripedisconnectconnectstripeaccount function. This makes it possible for unauthenticated attackers to deactivate t...

Improper Input Validation

Overview Affected versions of this package are vulnerable to Improper Input Validation via the "polymorphic field" implementation, due to the lack of validation of user input when updating or creating a new polymorphic resource. An attacker can exploit this vulnerability by manipulating the class...