Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-12086

Malicious code in bioql PyPI...

7.5CVSS8.2AI score0.0061EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-5396

Malicious code in bioql PyPI...

6.5CVSS9.2AI score0.00266EPSS
Exploits0References1
NVD
NVD
added 2025/04/24 4:15 p.m.10 views

CVE-2025-46230

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in GhozyLab Popup Builder easy-notify-lite allows PHP Local File Inclusion.This issue affects Popup Builder: from n/a through = 1.1.35...

7.5CVSS0.0061EPSS
Exploits0References1
CVE
CVE
added 2025/04/24 4:8 p.m.56 views

CVE-2025-46230

CVE-2025-46230 affects WordPress Popup Builder (plugin) up to version 1.1.35. The vulnerability is an improper filename control in PHP Include/Require (Local File Inclusion). Impact per sources is high (C/VSS metrics), enabling potential arbitrary file access via LFI. Remediation: upgrade to a fi...

7.5CVSS7.2AI score0.0061EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/24 12:0 a.m.6 views

PT-2025-17758 · Unknown · Ghozylab Popup Builder

Name of the Vulnerable Software and Affected Versions: GhozyLab Popup Builder versions 1.1.35 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local File...

7.5CVSS8.1AI score0.0061EPSS
Exploits0References4
NVD
NVD
added 2025/02/25 3:15 p.m.8 views

CVE-2025-26882

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GhozyLab Popup Builder easy-notify-lite allows Stored XSS.This issue affects Popup Builder: from n/a through = 1.1.33...

6.5CVSS0.00266EPSS
Exploits0References1
CVE
CVE
added 2025/02/25 2:17 p.m.56 views

CVE-2025-26882

CVE-2025-26882 affects Popup Builder (WordPress) up to version 1.1.33. The issue is an stored XSS caused by improper neutralization of input during web page generation, allowing an attacker with contributor-level or higher access to inject scripts in the popup. The vulnerability is authenticated-...

6.5CVSS7.2AI score0.00266EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/05/16 12:0 a.m.8 views

PT-2024-25982 · Ghozylab · Popup Builder

Name of the Vulnerable Software and Affected Versions: GhozyLab, Inc. Popup Builder versions 1.1.29 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. There is a...

5.9CVSS5.5AI score0.00259EPSS
Exploits0References6
Rows per page
Query Builder