EUVD-2023-33612

Malicious code in bioql PyPI...

EUVD-2025-31818

Malicious code in bioql PyPI...

EUVD-2025-31687

Malicious code in bioql PyPI...

EUVD-2025-24995

Malicious code in bioql PyPI...

EUVD-2023-58913

Malicious code in bioql PyPI...

EUVD-2024-32099

Malicious code in bioql PyPI...

EUVD-2024-32151

Malicious code in bioql PyPI...

EUVD-2025-15657

Malicious code in bioql PyPI...

EUVD-2023-12624

Malicious code in bioql PyPI...

CVE-2025-9075

CVE-2025-9075 is a stored cross-site scripting vulnerability in the WordPress plugin ZoloBlocks (versions up to and including 2.3.10). The issue stems from insufficient input sanitization and output escaping on user-supplied attributes across multiple Gutenberg blocks (Google Maps markers, Lightb...

WordPress Nexa Blocks plugin <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Google Maps Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Google Maps Widget vulnerability discovered by zer0gh0st in WordPress Plugin Nexa Blocks versions = 1.1.0...

WordPress plugin Nexa Blocks 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-site...

CVE-2025-60138

CVE-2025-60138 corresponds to a stored XSS in the SKT Blocks WordPress plugin. The vulnerability is caused by improper input neutralization during web page generation, enabling stored cross-site scripting. Affected range is SKT Blocks from n/a through 2.5. According to Wordfence Intelligence, thi...

WordPress Lazy Blocks Plugin <= 4.1.0 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by MD ISMAIL in WordPress Plugin Lazy Blocks versions = 4.1.0...

CVE-2025-59573 WordPress Cozy Blocks Plugin <= 2.1.29 - Content Injection Vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in CozyThemes Cozy Blocks allows Code Injection. This issue affects Cozy Blocks: from n/a through 2.1.29...

CVE-2025-58258 WordPress Lazy Blocks Plugin <= 4.1.0 - Broken Access Control Vulnerability

Missing Authorization vulnerability in nK Lazy Blocks lazy-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Lazy Blocks: from n/a through = 4.1.0...

CVE-2025-8567

CVE-2025-8567: Nexter Blocks (WordPress)

CVE-2025-8567 Nexter Blocks <= 4.5.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets

The Nexter Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 4.5.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with...

CVE-2025-5844

The Radius Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘subHeadingTagName’ parameter in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

PT-2025-33520 · WordPress · Woocommerce Blocks – Woolook

Name of the Vulnerable Software and Affected Versions: Woocommerce Blocks – Woolook plugin for WordPress versions prior to 1.7.1 Description: The Woocommerce Blocks – Woolook plugin for WordPress is vulnerable to Local File Inclusion via the tab parameter. This allows authenticated attackers with...