CVE-2023-25654

baserCMS is a Content Management system. Prior to version 4.7.5, there is a Remote Code Execution RCE Vulnerability in the management system of baserCMS. Version 4.7.5 contains a patch...

CVE-2023-25655

baserCMS is a Content Management system. Prior to version 4.7.5, any file may be uploaded on the management system of baserCMS. Version 4.7.5 contains a patch...

CVE-2022-27861

Unauth. Open Redirect vulnerability in Arscode Ninja Popups plugin = 4.7.5 versions...

EUVD-2020-29372

Malware in sbrugna...

EUVD-2007-0140

Malware in sbrugna...

EUVD-2018-11196

Malware in sbrugna...

EUVD-2023-1060

Malicious code in bioql PyPI...

EUVD-2023-1023

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2017-9063

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In WordPress before 4.7.5, a cross-site scripting XSS vulnerability related to the Customizer exists, involving an invalid customization session. CVE-2017-9063...

Linux Distros Unpatched Vulnerability : CVE-2017-9065

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In WordPress before 4.7.5, there is a lack of capability checks for post meta data in the XML-RPC API. CVE-2017-9065 Note that Nessus relies on the presence of...

Linux Distros Unpatched Vulnerability : CVE-2017-9064

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In WordPress before 4.7.5, a Cross Site Request Forgery CSRF vulnerability exists in the filesystem credentials dialog because a nonce is not required for...

CVE-2022-48114

RuoYi up to v4.7.5 was discovered to contain a SQL injection vulnerability via the component /tool/gen/createTable...

CVE-2025-47496

CVE-2025-47496 : WordPress plugin PublishPress Authors (

CVE-2024-27968

Cross-Site Request Forgery CSRF vulnerability in Optimole Super Page Cache for Cloudflare allows Stored XSS.This issue affects Super Page Cache for Cloudflare: from n/a through 4.7.5...

WordPress WP ULike Plugin < 4.7.5 is vulnerable to Cross Site Scripting (XSS)

Software WP ULike Type Plugin Vulnerable versions 4.7.5 Fixed in 4.7.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-7879 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 3cd5e62dd112 Credits Dmitrii Ignatyev Required privile...

PT-2024-38655 · WordPress · Wp Ulike

Name of the Vulnerable Software and Affected Versions: WP ULike WordPress plugin versions prior to 4.7.5 Description: The issue is related to the WP ULike WordPress plugin, which does not properly sanitise and escape some of its settings. This could allow high-privilege users, such as editors, to...

WordPress WP ULike Plugin <= 4.7.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software WP ULike Type Plugin Vulnerable versions = 4.7.4 Fixed in 4.7.5 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-9649 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 736f4ce4b9c2 Credits Bilal Chawich Duke Required...

WordPress plugin Jupiter X Core 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security...

WordPress JupiterX Core Plugin <= 4.7.5 is vulnerable to Broken Authentication

Software JupiterX Core Type Plugin Vulnerable versions = 4.7.5 Fixed in 4.7.8 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-7781 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 4950f50fad7a Credits Geo Void...

PT-2024-38575 · WordPress · Jupiter X Core

Name of the Vulnerable Software and Affected Versions: Jupiter X Core plugin for WordPress versions up to, and including, 4.7.5 Description: The Jupiter X Core plugin for WordPress is vulnerable to authentication bypass due to improper authentication via the Social Login widget. This allows...