EUVD-2024-35905

Malicious code in bioql PyPI...

EUVD-2025-19985

Malicious code in bioql PyPI...

EUVD-2023-55790

Malicious code in bioql PyPI...

EUVD-2025-13823

Malicious code in bioql PyPI...

EUVD-2025-13818

Malicious code in bioql PyPI...

EUVD-2023-52503

Malicious code in bioql PyPI...

EUVD-2022-53425

Malicious code in bioql PyPI...

EUVD-2024-46553

Malicious code in bioql PyPI...

EUVD-2024-44104

Malicious code in bioql PyPI...

EUVD-2024-27613

Malicious code in bioql PyPI...

PT-2025-38940

Name of the Vulnerable Software and Affected Versions PlayerJS versions through 2.24 Description The software contains a flaw related to improper input handling during web page generation, specifically a DOM-Based Cross-site Scripting issue. This allows for potential malicious code execution with...

CVE-2025-46959

{"affected_software":"Adobe Experience Manager (AEM)","versions_affected":"6.5.22 and earlier","vulnerability":"DOM-based Cross-Site Scripting (XSS)","root_cause":"manipulation of the DOM environment to execute malicious JavaScript in the victim's browser","impact_note":"requires user interaction...

CVE-2025-53321

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Raise The Money Raise The Money raise-the-money allows DOM-Based XSS.This issue affects Raise The Money: from n/a through = 5.2...

CVE-2025-53275

CVE-2025-53275 affects the WordPress plugin Leyka (versions

CVE-2025-50037

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Buying Buddy Buying Buddy IDX CRM buying-buddy-idx-crm allows DOM-Based XSS.This issue affects Buying Buddy IDX CRM: from n/a through = 2.3.0...

CVE-2025-49855 WordPress Meks Flexible Shortcodes plugin <= 1.3.7 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Meks Meks Flexible Shortcodes meks-flexible-shortcodes allows DOM-Based XSS.This issue affects Meks Flexible Shortcodes: from n/a through = 1.3.7...

CVE-2025-49855 WordPress Meks Flexible Shortcodes plugin <= 1.3.7 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Meks Meks Flexible Shortcodes allows DOM-Based XSS. This issue affects Meks Flexible Shortcodes: from n/a through 1.3.7...

WordPress plugin CubeWP Framework 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2025-46848

Adobe Experience Manager (AEM) 6.5.22 and earlier is affected by a stored XSS vulnerability in vulnerable form fields (CVE-2025-46848). The issue allows a low-privileged attacker to inject malicious scripts, which may execute in a user’s browser when visiting a page containing the affected field....

CVE-2025-46866 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...