EUVD-2025-11724

Malicious code in bioql PyPI...

CVE-2025-47471 WordPress Envo Extra plugin <= 1.9.9 - Broken Access Control Vulnerability

Missing Authorization vulnerability in EnvoThemes Envo Extra envo-extra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envo Extra: from n/a through = 1.9.9...

PT-2025-17771 · Unknown · Fable Extra

Name of the Vulnerable Software and Affected Versions: Fable Extra versions 1.0.0 through 1.0.6 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows DOM-Based XSS. This means that an attacker could...

CVE-2025-32652

CVE-2025-32652 concerns Solace Extra for WordPress, affected up to version 1.3.1, with an authenticated Arbitrary File Upload (Unrestricted Upload of File with Dangerous Type) vulnerability. CVSS v3.1 base score 9.9 (CRITICAL) via NETWORK access and requires LOW privileges with NO user interactio...

WordPress Plugin WP EXtra Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PortlandLabs Concrete CMS SEO-Extra Feature Cross-Site Scripting Vulnerability

PortlandLabs Concrete CMS is a team-oriented open source content management system of the United States PortlandLabs company . A cross-site scripting vulnerability exists in the PortlandLabs Concrete CMS SEO-Extra feature, which can be exploited by an attacker to execute arbitrary code via a...

CVE-2013-0243

haskell-tls-extra before 0.6.1 has Basic Constraints attribute vulnerability may lead to Man in the Middle attacks on TLS connections...

CVE-2013-0243

haskell-tls-extra before 0.6.1 has Basic Constraints attribute vulnerability may lead to Man in the Middle attacks on TLS connections...