EUVD-2025-3746

Malicious code in bioql PyPI...

CVE-2025-24541

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dinamiko DK White Label dk-white-label allows Reflected XSS.This issue affects DK White Label: from n/a through = 1.0...

CVE-2025-24541

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dinamiko DK White Label dk-white-label allows Reflected XSS.This issue affects DK White Label: from n/a through = 1.0...

CVE-2025-24541 WordPress DK White Label plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dinamiko DK White Label dk-white-label allows Reflected XSS.This issue affects DK White Label: from n/a through = 1.0...

CVE-2025-24534 WordPress DPortfolio plugin <= 2.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dinamiko DPortfolio dportfolio allows Reflected XSS.This issue affects DPortfolio: from n/a through = 2.0...

WordPress Event post plugin <= 5.9.5 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Emili Castells Patchstack Alliance in WordPress Plugin Event post versions = 5.9.5...

WordPress Product Designer plugin <= 1.0.33 - Arbitrary Content Deletion vulnerability

Arbitrary Content Deletion vulnerability discovered by Emili Castells Patchstack Alliance in WordPress Plugin Product Designer versions = 1.0.33...

WordPress Booking Ultra Pro plugin 1.1.12 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Emili Castells Patchstack Alliance in WordPress Plugin Booking Ultra Pro versions = 1.1.12...

WordPress Frontend Dashboard plugin <= 2.2.2 - Sensitive Data Exposure on PII vulnerability

Sensitive Data Exposure on PII vulnerability discovered by Emili Castells Patchstack Alliance in WordPress Plugin Frontend Dashboard versions = 2.2.2...

WordPress SharkDropship and Affiliate for AliExpress, eBay, Amazon, Etsy plugin <= 2.1.1 - Arbitrary Content Deletion vulnerability

Arbitrary Content Deletion vulnerability discovered by Emili Castells Patchstack Alliance in WordPress Plugin Sharkdropship dropshipping for Aliexpress, eBay, Amazon, etsy versions = 2.1.1...

WordPress Login with phone number plugin <= 1.7.16 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Emili Castells Patchstack Alliance in WordPress Plugin Login with phone number versions = 1.7.16...

WordPress 5 Stars Rating Funnel plugin <= 1.2.67 - Arbitrary Content Deletion vulnerability

Arbitrary Content Deletion vulnerability discovered by Emili Castells Patchstack Alliance in WordPress Plugin 5 Stars Rating Funnel versions = 1.2.67...

WordPress 5 Stars Rating Funnel Plugin <= 1.2.67 is vulnerable to Arbitrary Content Deletion

Software 5 Stars Rating Funnel Type Plugin Vulnerable versions = 1.2.67 Fixed in 1.3.02 OWASP Top 10 A1: Broken Access Control Classification Arbitrary Content Deletion CVE CVE-2024-31358 Patch priority Medium CVSS severity Medium 7.5 Developer Tobias PSID bd96c1e147ac Credits Emili Castells...