RHCOS 4 : OpenShift Container Platform 4.5.41 (RHSA-2021:2431)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2431 advisory. - jetty: local temporary directory hijacking vulnerability CVE-2020-27216 - jetty: buffer not correctly recycled in Gzip Request...
RHCOS 3 : OpenShift Container Platform 3.11.462 (RHSA-2021:2517)
The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2517 advisory. - jetty: local temporary directory hijacking vulnerability CVE-2020-27216 - jetty: buffer not correctly recycled in Gzip Request...
EUVD-2022-5440
Malicious code in bioql PyPI...
EUVD-2022-5101
Malicious code in bioql PyPI...
EUVD-2023-30358
Malicious code in bioql PyPI...
EUVD-2023-30359
Malicious code in bioql PyPI...
EUVD-2025-16842
Malicious code in bioql PyPI...
EUVD-2022-3337
Malicious code in bioql PyPI...
EUVD-2022-2798
Malicious code in bioql PyPI...
WordPress File Provider 1.2.3 SQL Injection
WordPress File Provider plugin versions 1.2.3 and below suffer from an unauthenticated remote SQL injection vulnerability. CVE-2025-4578 File Provider <= 1.2.3 - Unauthenticated SQL Injection. Description: The File Provider plugin for WordPress is vulnerable to SQL Injection via the 'fileId' paramet...
Exploit for SQL Injection in Dimdavid File_Provider
CVE-2025-4578 File Provider = 5.0.12 time-based blind - Parame...
WordPress File Provider plugin SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress plugin is an application plugin. WordPress File Provider plugin suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements. An attacker...
CVE-2025-4578
The File Provider WordPress plugin through 1.2.3 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...
CVE-2025-4580
The File Provider WordPress plugin through 1.2.3 does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack...
CVE-2025-4580 File Provider <= 1.2.3 - Item Deletion via CSRF
The File Provider WordPress plugin through 1.2.3 does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack...
CVE-2025-4578 File Provider <= 1.2.3 - Unauthenticated SQLi
The File Provider WordPress plugin through 1.2.3 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...