MAL-2025-39448 Malicious code in work-cpu-process840 (npm)

The package work-cpu-process840 was found to contain malicious code...

CVE-2025-39448

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetElements For Elementor jet-elements allows Stored XSS.This issue affects JetElements For Elementor: from n/a through = 2.7.4.1...

CVE-2025-39448

creationtimestamp| type| source ---|---|--- 2025-05-19 17:38:53+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/16885...

CVE-2025-39448

CVE-2025-39448 affects the WordPress plugin JetElements for Elementor (Crocoblock) up to version 2.7.4.1 . Root cause: improper input neutralization during web page generation , causing a Stored XSS . Impact details are stated in connected sources as Stored XSS; the primary CVSS info is provided ...

CVE-2025-39448 WordPress JetElements For Elementor plugin <= 2.7.4.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetElements For Elementor allows Stored XSS.This issue affects JetElements For Elementor: from n/a through 2.7.4.1...

CVE-2025-39448 WordPress JetElements For Elementor plugin <= 2.7.4.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetElements For Elementor jet-elements allows Stored XSS.This issue affects JetElements For Elementor: from n/a through = 2.7.4.1...

WordPress JetElements For Elementor plugin <= 2.7.4.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin JetElements For Elementor versions = 2.7.4.1...

CVE-2023-39448

CVE-2023-39448 affects SHIRASAGI versions prior to v1.18.0. The vulnerability is a path traversal issue that could allow a remote authenticated attacker to alter or create arbitrary files on the server, potentially leading to arbitrary code execution. Affected product is SHIRASAGI (CMS) prior to ...

CVE-2023-39448

Path traversal vulnerability in SHIRASAGI prior to v1.18.0 allows a remote authenticated attacker to alter or create arbitrary files on the server, resulting in arbitrary code execution...