2340 matches found
MAL-2025-143029 Malicious code in gravity-react-bootstrap-commitlint-dynamo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb22033e71a11b9b4e5ea920eae840ead86fee21e944aa895a89667612aee75e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-146314 Malicious code in pm2-sync-convict-react-bootstrap (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1330108cc41fc5f8b16b97bd8b44613ea9687f6d108f9fb4aac46e264b7302b5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-140119 Malicious code in bootstrap-rollup-figures-auriga (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc950508599104478cefa863ecb90a39d15f9b7095bafe4d9c802576eb00031f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-147068 Malicious code in react-bootstrap-native-rehype-style-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c731557ff748c3b450e7f9a142a04f4182d48cb705f4ec926d465475eb2b7a06 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-140125 Malicious code in bootstrap-wezen-selenium-configstore (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba700325c0ec38a68b85c35f22e10add36f7773904e951906f066fd96e60c3e3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-147073 Malicious code in react-bootstrap-rocket-async-meteor (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6eed4998bf00e59d674933b76fbf9a1a5c4a158d6c5f0892cc4c658ac9d96f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-142070 Malicious code in envconfig-bootstrap-uglify-js-colors (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0bfd4098356c8ae408716b081b72671e5e811c3ef40bc851d469ae14849c5741 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-147065 Malicious code in react-bootstrap-lynx-neptune-docusaurus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 510019b85afb9e4e1728b2f031dcc773b97174840ffcdc884eab7dc011eb029f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-115980
Malicious code in bootstrap-standard-yonder-miranda npm...
MAL-2025-140110 Malicious code in bootstrap-janus-spica-docusaurus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5bb8df0cbaee112cc2fa35b1b834732111d81069400cdaf6f347189357c40e90 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-148109 Malicious code in spectron-bootstrap-yaml-iota (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3f56029d7ba08a16d0e0186ed582f9e0eee3faf4dd11a94341de93ca17195cb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-121273
Malicious code in thuban-link-bootstrap-flare npm...
Malicious code in bootstrap-comet-convict-inquirer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1090d16dc37057a5852adbfd5f493146d23a9dde058a92e0f5e68cf23ffbe844 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in bootstrap-rollup-figures-auriga (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc950508599104478cefa863ecb90a39d15f9b7095bafe4d9c802576eb00031f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in tethys-gulp-bootstrap-colors (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a91010575aafc5a357f617818a3e5202f494f84ef43eb7f26c7cab7739f7235e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
CVE-2025-11822
The WP Bootstrap Tabs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bootstraptab' shortcode in all versions up to, and including, 1.0.4. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
EUVD-2025-60976
The WP Bootstrap Tabs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bootstraptab' shortcode in all versions up to, and including, 1.0.4. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-11822
The WP Bootstrap Tabs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bootstraptab' shortcode in all versions up to, and including, 1.0.4. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-11822 WP Bootstrap Tabs <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The WP Bootstrap Tabs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bootstraptab' shortcode in all versions up to, and including, 1.0.4. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-11822 WP Bootstrap Tabs <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The WP Bootstrap Tabs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bootstraptab' shortcode in all versions up to, and including, 1.0.4. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...