36 matches found
EUVD-2024-51600
Malicious code in bioql PyPI...
EUVD-2025-9144
Malicious code in bioql PyPI...
EUVD-2025-9156
Malicious code in bioql PyPI...
CVE-2025-31894
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Infoway LLC Ebook Downloader ebook-downloader allows Stored XSS.This issue affects Ebook Downloader: from n/a through = 1.0...
CVE-2025-31904
Cross-Site Request Forgery CSRF vulnerability in Infoway LLC Ebook Downloader ebook-downloader allows Cross Site Request Forgery.This issue affects Ebook Downloader: from n/a through = 1.0...
WordPress Ebook Downloader plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin Ebook Downloader versions = 1.0...
CVE-2025-31894
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Infoway LLC Ebook Downloader ebook-downloader allows Stored XSS.This issue affects Ebook Downloader: from n/a through = 1.0...
CVE-2025-31904
Cross-Site Request Forgery CSRF vulnerability in Infoway LLC Ebook Downloader ebook-downloader allows Cross Site Request Forgery.This issue affects Ebook Downloader: from n/a through = 1.0...
CVE-2025-31904 WordPress Ebook Downloader plugin <= 1.0 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in Infoway LLC Ebook Downloader allows Cross Site Request Forgery. This issue affects Ebook Downloader: from n/a through 1.0...
CVE-2025-31904 WordPress Ebook Downloader plugin <= 1.0 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in Infoway LLC Ebook Downloader ebook-downloader allows Cross Site Request Forgery.This issue affects Ebook Downloader: from n/a through = 1.0...
CVE-2025-31904
CVE-2025-31904 refers to a CSRF to stored XSS issue in the Ebook Downloader WordPress plugin (Infoway) affecting versions up to 1.0. The vulnerability, as described, requires an authenticated user and can result in stored cross-site scripting. Related connected documents confirm a similar CSRF-to...
CVE-2025-31894 WordPress Ebook Downloader plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Infoway LLC Ebook Downloader allows Stored XSS. This issue affects Ebook Downloader: from n/a through 1.0...
CVE-2025-31894 WordPress Ebook Downloader plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Infoway LLC Ebook Downloader ebook-downloader allows Stored XSS.This issue affects Ebook Downloader: from n/a through = 1.0...
CVE-2025-31894
CVE-2025-31894 corresponds to a Stored XSS vulnerability in the Ebook Downloader WordPress plugin. The initial description cites Improper Neutralization of Input During Web Page Generation as the underlying issue, enabling stored cross-site scripting. Connected materials confirm Ebook Downloader ...
PT-2025-14268 · Infoway Llc · Infoway Llc Ebook Downloader
Name of the Vulnerable Software and Affected Versions: Infoway LLC Ebook Downloader versions n/a through 1.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker c...
WordPress plugin Ebook Downloader 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-14271 · Infoway Llc · Ebook Downloader
Name of the Vulnerable Software and Affected Versions: Infoway LLC Ebook Downloader versions 1.0 and earlier Description: A Cross-Site Request Forgery CSRF issue affects the Ebook Downloader, allowing unauthorized actions to be performed on behalf of a user without their knowledge. Recommendation...
WordPress plugin Ebook Downloader 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request...
CVE-2024-13435
The Ebook Downloader plugin for WordPress is vulnerable to SQL Injection via the 'download' parameter in all versions up to, and including, 1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2024-13435
The Ebook Downloader plugin for WordPress is vulnerable to SQL Injection via the 'download' parameter in all versions up to, and including, 1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...