CVE-2026-39612

Missing Authorization vulnerability in kutethemes KuteShop kuteshop allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects KuteShop: from n/a through = 4.2.9...

EUVD-2026-20248

Missing Authorization vulnerability in kutethemes KuteShop kuteshop allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects KuteShop: from n/a through = 4.2.9...

CVE-2026-39611

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in kutethemes KuteShop kuteshop allows PHP Local File Inclusion.This issue affects KuteShop: from n/a through = 4.2.9...

CVE-2026-39611 WordPress KuteShop theme <= 4.2.9 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in kutethemes KuteShop kuteshop allows PHP Local File Inclusion.This issue affects KuteShop: from n/a through = 4.2.9...

CVE-2026-39612

CVE-2026-39612 affects the WordPress theme KuteShop (KuteShop theme) ≤ 4.2.9. Root cause: missing authorization / incorrectly configured access control that enables unauthorized actions. Impact: arbitrary shortcode execution within the affected site. Exploitation details are not provided in the c...

PT-2026-31177

CVE-2026-39612 Missing Authorization vulnerability in kutethemes KuteShop kuteshop allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects KuteSho… https://t.co/aMFy39Rreg...

EUVD-2023-1822

Malicious code in bioql PyPI...

EUVD-2025-7375

Malicious code in bioql PyPI...

EUVD-2022-0940

Malicious code in bioql PyPI...

EUVD-2023-58122

Malicious code in bioql PyPI...

EUVD-2023-1911

Malicious code in bioql PyPI...

EUVD-2023-1892

Malicious code in bioql PyPI...

EUVD-2025-8306

Malicious code in bioql PyPI...

WordPress Official Integration for Billingo plugin <= 4.2.9 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Martino Spagnuolo r3verii in WordPress Plugin Official Integration for Billingo versions = 4.2.9...

CVE-2025-30895

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in magepeopleteam WpEvently mage-eventpress allows PHP Local File Inclusion.This issue affects WpEvently: from n/a through = 4.2.9...

WordPress WpEvently Plugin <= 4.2.9 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by LVT-tholv2k in WordPress Plugin WpEvently versions = 4.2.9...

WordPress plugin WpEvently 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

CVE-2025-0958

The Ultimate WordPress Auction Plugin plugin for WordPress is vulnerable to unauthorized access to functionality in all versions up to, and including, 4.2.9. This makes it possible for authenticated attackers, with Contributor-level access and above, to delete arbitrary auctions, posts as well as...

CVE-2024-27959

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wpexpertsio WC Shop Sync – Integrate Square and WooCommerce for Seamless Shop Management allows Reflected XSS.This issue affects WC Shop Sync – Integrate Square and WooCommerce for Seamless Shop...

CVE-2024-53999 Mobile Security Framework (MobSF) Stored Cross-Site Scripting Vulnerability in "Diff or Compare" Functionality

Mobile Security Framework MobSF is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. The application allows users to upload files with scripts in the filename parameter. As a result, a malicious user can upload a script file to th...