9 matches found
EUVD-2025-25360
Malicious code in bioql PyPI...
CVE-2025-49891
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in uxper Uxper Booking uxper-booking allows Blind SQL Injection.This issue affects Uxper Booking: from n/a through = 1.3.3...
CVE-2025-49891
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in uxper Uxper Booking uxper-booking allows Blind SQL Injection.This issue affects Uxper Booking: from n/a through = 1.3.3...
CVE-2025-49891 WordPress Contact Info Widget plugin <= 2.6.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in riotweb Contact Info Widget allows Stored XSS. This issue affects Contact Info Widget: from n/a through 2.6.2...
CVE-2025-49891
CVE-2025-49891 is a SQL Injection vulnerability in the WordPress plugin Uxper Booking (uxper-booking) , allowing Blind SQL Injection. It affects versions up to and including 1.3.3 . The issue stems from improper neutralization of input in SQL commands, with CVSS 3.1 vector indicating network atta...
CVE-2025-49891 WordPress Uxper Booking Plugin <= 1.3.3 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in uxper Uxper Booking uxper-booking allows Blind SQL Injection.This issue affects Uxper Booking: from n/a through = 1.3.3...
WordPress plugin Contact Info Widget 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
PT-2025-33959 · Unknown · Riotweb Contact Info Widget
Name of the Vulnerable Software and Affected Versions: riotweb Contact Info Widget versions through 2.6.2 Description: Improper neutralization of input during web page generation allows for stored cross-site scripting XSS. Recommendations: Update to a version later than 2.6.2...
WordPress Contact Info Widget plugin <= 2.6.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Que Thanh Tuan Blue Rock in WordPress Plugin Contact Info Widget versions = 2.6.2...