CVE-2025-12904

The SNORDIAN's H5PxAPIkatchu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'insertdata' AJAX endpoint in all versions up to, and including, 0.4.17 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

EUVD-2025-180547

The SNORDIAN's H5PxAPIkatchu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'insertdata' AJAX endpoint in all versions up to, and including, 0.4.17 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

CVE-2025-12904

The CVE-2025-12904 entry concerns SNORDIAN's H5PxAPIkatchu WordPress plugin. A stored XSS exists in all versions up to 0.4.17 via the insert_data AJAX endpoint due to insufficient input sanitization and output escaping, enabling unauthenticated attackers to inject scripts that run when a user vie...

CVE-2025-12904 SNORDIAN's H5PxAPIkatchu <= 0.4.17 - Unauthenticated Stored Cross-Site Scripting via insert_data

The SNORDIAN's H5PxAPIkatchu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'insertdata' AJAX endpoint in all versions up to, and including, 0.4.17 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

WordPress plugin SNORDIANs H5PxAPIkatchu 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

WordPress SNORDIAN's H5PxAPIkatchu plugin <= 0.4.17 - Unauthenticated Stored Cross-Site Scripting via insert_data vulnerability

Unauthenticated Stored Cross-Site Scripting via insertdata vulnerability discovered by Moose Love - Nagasaki Prefectural University in WordPress Plugin SNORDIAN's H5PxAPIkatchu versions = 0.4.17...

EUVD-2025-8351

Malicious code in bioql PyPI...

CVE-2025-30821

Missing Authorization vulnerability in otacke SNORDIAN's H5PxAPIkatchu h5pxapikatchu allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects SNORDIAN's H5PxAPIkatchu: from n/a through = 0.4.14...

CVE-2025-30821

Missing Authorization vulnerability in otacke SNORDIAN's H5PxAPIkatchu h5pxapikatchu allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects SNORDIAN's H5PxAPIkatchu: from n/a through = 0.4.14...

WordPress SNORDIAN's H5PxAPIkatchu plugin <= 0.4.14 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin SNORDIAN's H5PxAPIkatchu versions = 0.4.14...

CVE-2025-30821 WordPress SNORDIAN's H5PxAPIkatchu plugin <= 0.4.14 - Broken Access Control vulnerability

Missing Authorization vulnerability in otacke SNORDIAN's H5PxAPIkatchu h5pxapikatchu allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects SNORDIAN's H5PxAPIkatchu: from n/a through = 0.4.14...

CVE-2025-30821

CVE-2025-30821 pertains to SNORDIAN's H5PxAPIkatchu with Missing Authorization. According to the Wordfence vulnerability report, affected versions are SNORDIAN's H5PxAPIkatchu from

CVE-2025-30821 WordPress SNORDIAN's H5PxAPIkatchu plugin <= 0.4.14 - Broken Access Control vulnerability

Missing Authorization vulnerability in otacke SNORDIAN's H5PxAPIkatchu h5pxapikatchu allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects SNORDIAN's H5PxAPIkatchu: from n/a through = 0.4.14...

WordPress plugin SNORDIAN H5PxAPIkatchu 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...