164 matches found
EUVD-2021-30290
Malicious code in bioql PyPI...
EUVD-2023-58026
Malicious code in bioql PyPI...
EUVD-2024-52231
Malicious code in bioql PyPI...
EUVD-2024-51703
Malicious code in bioql PyPI...
EUVD-2024-50868
Malicious code in bioql PyPI...
EUVD-2022-49599
Malicious code in bioql PyPI...
EUVD-2025-15759
Malicious code in bioql PyPI...
EUVD-2022-51824
Malicious code in bioql PyPI...
EUVD-2024-32417
Malicious code in bioql PyPI...
EUVD-2023-51657
Malicious code in bioql PyPI...
WordPress plugin Chatwee 跨站请求伪造漏洞
WordPress Chatwee plugin is a plugin for adding live chat functionality to your WordPress website with multi-language and internationalization support. The WordPress Chatwee plugin suffers from a cross-site request forgery vulnerability that stems from the WEB application not adequately verifying...
CVE-2025-3774
The Wise Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the X-Forwarded-For header in all versions up to, and including, 3.3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scrip...
CVE-2025-3774
The Wise Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the X-Forwarded-For header in all versions up to, and including, 3.3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scrip...
CVE-2025-3774
CVE-2025-3774 covers Wise Chat for WordPress (versions up to and including 3.3.4) with an unauthenticated Stored XSS via the X-Forwarded-For header. The vulnerability stems from insufficient input sanitization and output escaping, enabling attackers to inject scripts that execute when users load ...
CVE-2025-5336
CVE-2025-5336 concerns WordPress plugin “Click to Chat” for HoliThemes. The vulnerability is a Stored DOM-based Cross-Site Scripting via the data-no_number parameter in versions up to 4.22, caused by insufficient input sanitization and output escaping. Exploitation requires authenticated access a...
WordPress plugin Click to Chat 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Click to Chat plugin, which stems from insufficient input cleanup and escaping, and can be exploited by an attacker ...
WordPress plugin WP Live Chat + Chatbots Plugin for WordPress – Chaport 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... WordPress plugin WP Live...
CVE-2024-3595
The Pure Chat – Live Chat Plugin & More! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the purechatwid and purechatwname parameter in all versions up to, and including, 2.22 due to insufficient input sanitization and output escaping. This makes it possible for authenticate...
CVE-2024-12541
The Chative Live chat and Chatbot plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the addchativewidgetaction function. This makes it possible for unauthenticated attackers to change...
CVE-2024-12451
The HTML5 chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'HTML5CHAT' shortcode in all versions up to, and including, 1.07 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...