18 matches found
EUVD-2025-19370
Malicious code in bioql PyPI...
EUVD-2024-25143
Malicious code in bioql PyPI...
CVE-2025-53320
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wp Enhanced Free Downloads EDD allows DOM-Based XSS. This issue affects Free Downloads EDD: from n/a through 1.0.4...
WordPress Free Downloads EDD plugin <= 1.0.4 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Peter Thaleikis in WordPress Plugin Free Downloads EDD versions = 1.0.4...
CVE-2025-53320
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wp Enhanced Free Downloads EDD allows DOM-Based XSS. This issue affects Free Downloads EDD: from n/a through 1.0.4...
CVE-2025-53320
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wp Enhanced Free Downloads EDD free-downloads-edd allows DOM-Based XSS.This issue affects Free Downloads EDD: from n/a through = 1.0.4...
CVE-2025-53320 WordPress Free Downloads EDD plugin <= 1.0.4 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wp Enhanced Free Downloads EDD allows DOM-Based XSS. This issue affects Free Downloads EDD: from n/a through 1.0.4...
WordPress plugin Free Downloads EDD Cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
PT-2025-27216 · WordPress · Wp Enhanced Free Downloads Edd
Name of the Vulnerable Software and Affected Versions: Wp Enhanced Free Downloads EDD versions 1.0.4 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows DOM-Based XSS. This means that an...
CVE-2024-27969
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Enhanced Free Downloads WooCommerce allows Stored XSS.This issue affects Free Downloads WooCommerce: from n/a through 3.5.8.2...
WordPress Plugin Free Downloads WooCommerce 跨站脚本漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress Plugin Free Downloads WooCommerce A...
CVE-2024-27969 WordPress Free Downloads WooCommerce plugin <= 3.5.8.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Enhanced Free Downloads WooCommerce allows Stored XSS.This issue affects Free Downloads WooCommerce: from n/a through 3.5.8.2...
PT-2024-22174 · WordPress · Wp Enhanced Free Downloads Woocommerce
Name of the Vulnerable Software and Affected Versions: WP Enhanced Free Downloads WooCommerce versions 3.5.8.2 and earlier Description: The issue is related to improper neutralization of input during web page generation, which leads to a Cross-site Scripting XSS vulnerability, specifically Stored...
WordPress Free Downloads WooCommerce Plugin <= 3.5.8.2 is vulnerable to Cross Site Scripting (XSS)
Software Free Downloads WooCommerce Type Plugin Vulnerable versions = 3.5.8.2 Fixed in 3.5.8.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-27969 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 362b9780ab54 Credits Khalid Yusuf Required...
'Free' Cyberpunk 2077 Downloads Lead to Data Harvesting
The hotly anticipated videogame title Cyberpunk 2077 comes out on Dec. 10, inspiring breathless countdowns from gaming publications and enthusiasts across the globe. As with all things zeitgeisty, cybercriminals are looking to cash in on the excitement, with scams that offer “free copies” while...
WordPress Easy Digital Downloads Free Downloads extension cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.Easy Digital Downloads EDD Free Downloads extension is a free download management plugin used in it. A cross-site scripting...
CVE-2015-9514
The Easy Digital Downloads EDD Free Downloads extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because addqueryarg is misused...
CVE-2015-9514
The Easy Digital Downloads EDD Free Downloads extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because addqueryarg is misused...