CVE-2026-39508

CVE-2026-39508 affects the WordPress plugin Advanced Coupons for WooCommerce Coupons (free) up to version 4.7.1.1. The issue is a DOM-based cross-site scripting (XSS) vulnerability caused by improper neutralization of input during web page generation, allowing injected scripts in the affected plu...

WordPress plugin Advanced Coupons for WooCommerce Coupons SQL注入漏洞

WordPress Advanced Coupons for WooCommerce Coupons plugin is a free plugin designed for WooCommerce to enhance e-commerce marketing by extending coupon functionality. WordPress Advanced Coupons for WooCommerce Coupons plugin suffers from a SQL injection vulnerability that stems from the...

EUVD-2016-5819

Malware in sbrugna...

EUVD-2024-53033

Malicious code in bioql PyPI...

EUVD-2024-50927

Malicious code in bioql PyPI...

WordPress Coupon API plugin <= 6.2.12 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Coupon API versions = 6.2.12...

WordPress plugin Coupon API SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

CVE-2024-12516

The Coupon Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Coupon Code' parameter in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...

CVE-2024-56235

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Vicky Kumar Coupon coupon-lite allows DOM-Based XSS.This issue affects Coupon: from n/a through = 1.2.2...

CVE-2025-32642 WordPress Vite Coupon plugin <= 1.0.9 - CSRF to Remote Code Execution (RCE) vulnerability

Cross-Site Request Forgery CSRF vulnerability in appsbd Vite Coupon vite-coupon allows Remote Code Inclusion.This issue affects Vite Coupon: from n/a through = 1.0.9...

WordPress Vite Coupon plugin <= 1.0.9 - CSRF to Remote Code Execution (RCE) vulnerability

CSRF to Remote Code Execution RCE vulnerability discovered by stealthcopter in WordPress Plugin Vite Coupon versions = 1.0.9...

WordPress Coupon Plugin plugin <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by SOPROBRO in WordPress Plugin Coupon versions = 1.2.1...

CVE-2024-12516

The Coupon Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Coupon Code' parameter in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...

CVE-2024-12516 Coupon Plugin <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Coupon Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Coupon Code' parameter in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...

CVE-2024-12516 Coupon Plugin <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Coupon Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Coupon Code' parameter in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...

PT-2025-1879 · WordPress · Coupon Plugin

Name of the Vulnerable Software and Affected Versions: Coupon Plugin plugin for WordPress versions up to, and including, 1.2.1 Description: The issue is related to Stored Cross-Site Scripting via the Coupon Code parameter due to insufficient input sanitization and output escaping. This allows...

WordPress plugin Coupon Plugin 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2024-56235

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Vicky Kumar Coupon coupon-lite allows DOM-Based XSS.This issue affects Coupon: from n/a through = 1.2.2...

CVE-2024-56235

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Coupon Plugin Coupon allows DOM-Based XSS.This issue affects Coupon: from n/a through 1.2.1...

CVE-2024-56235 WordPress Coupon plugin <= 1.2.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Vicky Kumar Coupon coupon-lite allows DOM-Based XSS.This issue affects Coupon: from n/a through = 1.2.2...