16 matches found
EUVD-2025-26942
Malicious code in bioql PyPI...
CVE-2025-58835
Improper Validation of Specified Quantity in Input vulnerability in calliko Bonus for Woo bonus-for-woo allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Bonus for Woo: from n/a through = 7.6.6...
CVE-2025-58835
Improper Validation of Specified Quantity in Input vulnerability in calliko Bonus for Woo bonus-for-woo allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Bonus for Woo: from n/a through = 7.6.6...
CVE-2025-58835 WordPress Bonus for Woo plugin <= 7.6.6 - Other vulnerability Type vulnerability
Improper Validation of Specified Quantity in Input vulnerability in calliko Bonus for Woo bonus-for-woo allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Bonus for Woo: from n/a through = 7.6.6...
CVE-2025-58835 WordPress Bonus for Woo plugin <= 7.6.6 - Other vulnerability Type vulnerability
Improper Validation of Specified Quantity in Input vulnerability in calliko Bonus for Woo bonus-for-woo allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Bonus for Woo: from n/a through = 7.6.6...
CVE-2025-58835
CVE-2025-58835 concerns Bonus for Woo (WordPress) with improper validation of a specified quantity in input, enabling access to functionality not properly constrained by ACLs. Affected versions are n/a through 7.4.1. Public sources indicate remediation via upgrading to a newer version (per PT-202...
WordPress Bonus for Woo plugin <= 7.6.6 - Other Vulnerability Type vulnerability
Other Vulnerability Type vulnerability discovered by Martino Spagnuolo r3verii in WordPress Plugin Bonus for Woo versions = 7.6.6...
WordPress plugin Bonus for Woo 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2025-36174
Name of the Vulnerable Software and Affected Versions: Bonus for Woo versions n/a through 7.4.1 Description: An improper validation of the specified quantity in input exists in Bonus for Woo, potentially allowing access to functionality not properly constrained by Access Control Lists ACLs...
CVE-2023-5140
The Bonus for Woo WordPress plugin before 5.8.3 does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-5140
The Bonus for Woo WordPress plugin before 5.8.3 does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-5140
The Bonus for Woo WordPress plugin before 5.8.3 does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
Cross site scripting
The Bonus for Woo WordPress plugin before 5.8.3 does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-5140
The CVE-2023-5140 entry corresponds to the Bonus for Woo WordPress plugin (pre-5.8.3) and is a Reflected Cross-Site Scripting (XSS) vulnerability caused by insufficient sanitisation/escaping of parameters output in pages. Exploitation could target high-privilege users (e.g., admins). Public detai...
WordPress Bonus for Woo Plugin <= 5.8.2 is vulnerable to Cross Site Scripting (XSS)
Software Bonus for Woo Type Plugin Vulnerable versions = 5.8.2 Fixed in 5.8.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5140 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID bebc071bb4a6 Credits Enrico Marcolini...
Bonus for Woo < 5.8.3 - Reflected Cross-Site Scripting
Description The plugin does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin. Make a logged in admin open one of the URL below...