Lucene search
K

6 matches found

OSV
OSV
added 2025/09/14 1:24 p.m.8 views

MAL-2025-47787 Malicious code in mevguard (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 46b2aa8c02569ef9c6bab8214553d7af8d7e1c1f3499324654bb30870832f6f5 The obfuscated code provides "initializesession" function that exfiltrates the provided argument. --- Category: MALICIOUS - The campaign has clearly malicious...

7.2AI score
Exploits0References1
NVD
NVD
added 2025/05/15 8:16 p.m.12 views

CVE-2025-47787

Emlog is an open source website building system. Emlog Pro prior to version 2.5.10 contains a file upload vulnerability. The store.php component contains a critical security flaw where it fails to properly validate the contents of remotely downloaded ZIP plugin files. This insufficient validation...

9.8CVSS0.00616EPSS
Exploits1References2
Circl
Circl
added 2025/05/15 7:33 p.m.6 views

CVE-2025-47787

creationtimestamp| type| source ---|---|--- 2025-05-15 19:33:06+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/16546...

9.8CVSS4.8AI score0.00616EPSS
Exploits1References1
CVE
CVE
added 2025/05/15 7:27 p.m.40 views

CVE-2025-47787

CVE-2025-47787 affects Emlog Pro prior to 2.5.10. The vulnerability resides in the store.php component, which fails to properly validate the contents of remotely downloaded ZIP plugin files, enabling arbitrary code execution on vulnerable systems. The issue is fixed in version 2.5.10. Connected s...

9.8CVSS7.5AI score0.00616EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2023/12/18 3:30 p.m.75 views

CVE-2023-47787

CVE-2023-47787 describes a Cross-Site Request Forgery in WordPress plugin WooCommerce Bookings affecting versions up to 2.0.3. The root cause is missing/incorrect nonce validation enabling unauthenticated actors to trigger actions via forged requests if a site administrator visits a malicious lin...

8.8CVSS8.5AI score0.00256EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/11/14 12:0 a.m.9 views

WordPress WooCommerce Bookings Plugin <= 2.0.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software WooCommerce Bookings Type Plugin Vulnerable versions = 2.0.3 Fixed in 2.0.4 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-47787 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 5d3bcce7300f Credits Rafie Muhammad...

8.8CVSS6.6AI score0.00256EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder