284 matches found
EUVD-2024-34110
Malicious code in bioql PyPI...
EUVD-2025-13852
Malicious code in bioql PyPI...
EUVD-2024-32717
Malicious code in bioql PyPI...
EUVD-2023-24099
Malicious code in bioql PyPI...
EUVD-2024-46661
Malicious code in bioql PyPI...
EUVD-2025-24926
Malicious code in bioql PyPI...
EUVD-2024-44101
Malicious code in bioql PyPI...
EUVD-2023-27981
Malicious code in bioql PyPI...
EUVD-2024-27344
Malicious code in bioql PyPI...
EUVD-2024-36835
Malicious code in bioql PyPI...
EUVD-2024-29790
Malicious code in bioql PyPI...
EUVD-2024-35394
Malicious code in bioql PyPI...
EUVD-2024-29278
Malicious code in bioql PyPI...
EUVD-2024-22234
Malicious code in bioql PyPI...
EUVD-2024-30723
Malicious code in bioql PyPI...
EUVD-2024-32320
Malicious code in bioql PyPI...
CVE-2025-9565
The Blocksy Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's blocksynewslettersubscribe shortcode in all versions up to, and including, 2.1.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...
WordPress Blocksy Companion Plugin Cross-Site Scripting Vulnerability
WordPress Blocksy Companion Plugin is a plugin designed to enhance the functionality of WordPress themes. WordPress Blocksy Companion Plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which ca...
CVE-2025-9565
The Blocksy Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's blocksynewslettersubscribe shortcode in all versions up to, and including, 2.1.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...
CVE-2025-9565 Blocksy Companion <= 2.1.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via blocksy_newsletter_subscribe Shortcode
The Blocksy Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's blocksynewslettersubscribe shortcode in all versions up to, and including, 2.1.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...