EUVD-2024-33470

Malicious code in bioql PyPI...

CVE-2025-31875 WordPress FancyPost plugin <= 6.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pluginic FancyPost allows DOM-Based XSS. This issue affects FancyPost: from n/a through 6.0.1...

CVE-2024-10536

The FancyPost – Best Ultimate Post Block, Post Grid, Layouts, Carousel, Slider For Gutenberg & Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the handleblockshortcodeexport function in all versions up to, and including, 6.0.0. This...

CVE-2024-10536 FancyPost – Best Ultimate Post Block, Post Grid, Layouts, Carousel, Slider For Gutenberg & Elementor <= 6.0.0 - Missing Authorization to Authenticated (Subscriber+) Shortcode Export

The FancyPost – Best Ultimate Post Block, Post Grid, Layouts, Carousel, Slider For Gutenberg & Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the handleblockshortcodeexport function in all versions up to, and including, 6.0.0. This...

CVE-2024-10536 FancyPost – Best Ultimate Post Block, Post Grid, Layouts, Carousel, Slider For Gutenberg & Elementor <= 6.0.0 - Missing Authorization to Authenticated (Subscriber+) Shortcode Export

The FancyPost – Best Ultimate Post Block, Post Grid, Layouts, Carousel, Slider For Gutenberg & Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the handleblockshortcodeexport function in all versions up to, and including, 6.0.0. This...

PT-2025-1590 · WordPress · Fancypost

Name of the Vulnerable Software and Affected Versions: FancyPost – Best Ultimate Post Block, Post Grid, Layouts, Carousel, Slider For Gutenberg & Elementor plugin for WordPress versions up to, and including, 6.0.0 Description: The issue is related to unauthorized access of data due to a missing...

WordPress FancyPost plugin <= 6.0.0 - Missing Authorization to Authenticated (Subscriber+) Shortcode Export vulnerability

Missing Authorization to Authenticated Subscriber+ Shortcode Export vulnerability discovered by Tieu Pham Trong Nhan in WordPress Plugin FancyPost versions = 6.0.0...

CVE-2024-38686 WordPress FancyPost plugin <= 5.3.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Pluginic FancyPost – Best Ultimate Post Block, Post Grid, Layouts, Carousel, Slider For Gutenberg & Elementor allows Stored XSS.This issue affects FancyPost – Best Ultimate Post Block, Post...

WordPress FancyPost plugin <= 5.3.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by 4rCanJ0x! Patchstack Alliance in WordPress Plugin FancyPost versions = 5.3.1...