13 matches found
EUVD-2025-10613
Malicious code in bioql PyPI...
CVE-2025-32493
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VibeThemes BP Social Connect bp-social-connect allows Stored XSS.This issue affects BP Social Connect: from n/a through = 1.6.2...
WordPress BP Social Connect plugin <= 1.6.2 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin BP Social Connect versions = 1.6.2...
CVE-2025-32493
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VibeThemes BP Social Connect bp-social-connect allows Stored XSS.This issue affects BP Social Connect: from n/a through = 1.6.2...
CVE-2025-32493
CVE-2025-32493 is a stored XSS vulnerability in the WordPress plugin BP Social Connect (affected: up to version 1.6.2). The connected Wordfence entry indicates an authenticated (Administrator+) Stored Cross‑Site Scripting flaw in BP Social Connect
CVE-2025-32493 WordPress BP Social Connect plugin <= 1.6.2 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VibeThemes BP Social Connect bp-social-connect allows Stored XSS.This issue affects BP Social Connect: from n/a through = 1.6.2...
CVE-2025-32493 WordPress BP Social Connect <= 1.6.2 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VibeThemes BP Social Connect allows Stored XSS. This issue affects BP Social Connect: from n/a through 1.6.2...
PT-2025-15772 · Vibethemes · Vibethemes Bp Social Connect
Name of the Vulnerable Software and Affected Versions: VibeThemes BP Social Connect versions 1.6.2 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for Stored XSS attacks. This means that an attacker can inject malicious...
WordPress plugin BP Social Connect 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2023-2704
The BP Social Connect plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.5. This is due to insufficient verification on the user being supplied during a Facebook login through the plugin. This makes it possible for unauthenticated attackers to log in a...
CVE-2023-2704
CVE-2023-2704 affects BP Social Connect for WordPress (versions up to and including 1.5) with an authentication bypass due to insufficient verification during Facebook login, enabling unauthenticated login as existing users (e.g., admin) if the attacker has the email. Wordfence notes the vulnerab...
WordPress Plugin BP Social Connect 访问控制错误漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
WordPress BP Social Connect Plugin <= 1.5 is vulnerable to Broken Access Control
Software BP Social Connect Type Plugin Vulnerable versions = 1.5 Fixed in 1.6.2 OWASP Top 10 A2: Broken Authentication Classification Broken Access Control CVE CVE-2023-2704 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 7c30551eab88 Credits Lana Codes Required privileg...