29 matches found
EUVD-2024-37594
Malicious code in bioql PyPI...
EUVD-2023-31224
Malicious code in bioql PyPI...
EUVD-2025-30645
Malicious code in bioql PyPI...
EUVD-2024-52440
Malicious code in bioql PyPI...
CVE-2025-57984
Server-Side Request Forgery SSRF vulnerability in Pratik Ghela MakeStories for Google Web Stories makestories-helper allows Server Side Request Forgery.This issue affects MakeStories for Google Web Stories: from n/a through = 3.0.4...
CVE-2025-57984
Server-Side Request Forgery SSRF vulnerability in Pratik Ghela MakeStories for Google Web Stories makestories-helper allows Server Side Request Forgery.This issue affects MakeStories for Google Web Stories: from n/a through = 3.0.4...
WordPress MakeStories (for Google Web Stories) Plugin <= 3.0.4 - Server Side Request Forgery (SSRF) Vulnerability
Server Side Request Forgery SSRF Vulnerability discovered by Nabil Irawan in WordPress Plugin MakeStories for Google Web Stories versions = 3.0.4...
CVE-2025-57984 WordPress MakeStories (for Google Web Stories) Plugin <= 3.0.4 - Server Side Request Forgery (SSRF) Vulnerability
Server-Side Request Forgery SSRF vulnerability in Pratik Ghela MakeStories for Google Web Stories makestories-helper allows Server Side Request Forgery.This issue affects MakeStories for Google Web Stories: from n/a through = 3.0.4...
CVE-2025-57984
CVE-2025-57984 is described as a Server-Side Request Forgery (SSRF) vulnerability in the WordPress plugin MakeStories (for Google Web Stories) . Connected documents indicate the issue is present in versions up to 3.0.4 and requires an authenticated user with the Author+ role to exploit. No public...
PT-2025-38834
Name of the Vulnerable Software and Affected Versions MakeStories for Google Web Stories versions through 3.0.4 Description A Server-Side Request Forgery SSRF vulnerability exists in MakeStories for Google Web Stories. This issue allows Server Side Request Forgery. The vulnerability potentially...
WordPress plugin MakeStories (for Google Web Stories) 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...
CVE-2024-54317
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Google Web Stories web-stories allows Stored XSS.This issue affects Web Stories: from n/a through = 1.37.0...
CVE-2023-27448
Cross-Site Request Forgery CSRF vulnerability in MakeStories Team MakeStories for Google Web Stories plugin = 2.8.0 versions...
CVE-2024-38746
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in MakeStories Team MakeStories for Google Web Stories allows Path Traversal, Server Side Request Forgery.This issue affects MakeStories for Google Web Stories: from n/a through 3.0.3...
CVE-2024-54317
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Google Web Stories web-stories allows Stored XSS.This issue affects Web Stories: from n/a through = 1.37.0...
CVE-2024-54317
CVE-2024-54317 concerns Google Web Stories (WordPress plugin). Connected sources confirm a Stored XSS vulnerability in Web Stories, affecting versions up to at least 1.37.0. The attack is described as an input neutralization issue during web page generation, enablingStored Cross-Site Scripting in...
PT-2024-36199 · Google · Google Web Stories
Name of the Vulnerable Software and Affected Versions: Google Web Stories versions n/a through 1.37.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This enables attackers to inject malicio...
CVE-2024-38746
CVE-2024-38746 affects the WordPress MakeStories (for Google Web Stories) plugin: MakeStories (for Google Web Stories) up to version 3.0.3 is affected by a path traversal vulnerability that also enables Server-Side Request Forgery (SSRF), potentially allowing arbitrary file download. The connecte...
WordPress MakeStories (for Google Web Stories) plugin <= 3.0.3 - Arbitrary File Download and SSRF vulnerability
Arbitrary File Download and SSRF vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin MakeStories for Google Web Stories versions = 3.0.3...
WordPress MakeStories (for Google Web Stories) Plugin <= 3.0.3 is vulnerable to Arbitrary File Download
Software MakeStories for Google Web Stories Type Plugin Vulnerable versions = 3.0.3 Fixed in 3.0.4 OWASP Top 10 A1: Broken Access Control Classification Arbitrary File Download CVE CVE-2024-38746 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 40afb38048ba Credits Majed...