WooCommerce Help Scout - Arbitrary File Upload

WooCommerce Help Scout plugin before version 2.9.1 contains an unrestricted file upload vulnerability. The vulnerability allows unauthenticated users to upload arbitrary files to the server which by default will end up in wp-content/uploads/hstmp/ directory, potentially leading to remote code...

EUVD-2021-11126

Malware in sbrugna...

EUVD-2024-45537

Malicious code in bioql PyPI...

EUVD-2024-45628

Malicious code in bioql PyPI...

EUVD-2025-2792

Malicious code in bioql PyPI...

CVE-2025-22512

Missing Authorization vulnerability in BoldGrid Help Scout help-scout allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Help Scout: from n/a through = 6.5.6...

CVE-2024-51828

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Dan Griffiths Beacon For Help Scout beacon-for-helpscout allows DOM-Based XSS.This issue affects Beacon For Help Scout: from n/a through = 1.3.0...

CVE-2021-24212

The WooCommerce Help Scout WordPress plugin before 2.9.1 https://woocommerce.com/products/woocommerce-help-scout/ allows unauthenticated users to upload any files to the site which by default will end up in wp-content/uploads/hstmp...

CVE-2024-51778

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tevya Satisfaction Reports from Help Scout happiness-reports-for-help-scout allows Reflected XSS.This issue affects Satisfaction Reports from Help Scout: from n/a through = 2.0.3...

CVE-2025-22512

Missing Authorization vulnerability in BoldGrid Help Scout help-scout allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Help Scout: from n/a through = 6.5.6...

CVE-2025-22512

CVE-2025-22512 is a Missing Authorization vulnerability affecting the Help Scout plugin for WordPress (Sprout Apps Help Scout). The Red Hat entry notes the issue affects Help Scout versions from n/a up to 6.5.1. Wordfence references the same CVE and lists the vulnerability in its vulnerability da...

CVE-2025-22512 WordPress Help Scout Plugin <= 6.5.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in BoldGrid Help Scout help-scout allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Help Scout: from n/a through = 6.5.6...

CVE-2025-22512 WordPress Help Scout Plugin <= 6.5.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in BoldGrid Help Scout help-scout allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Help Scout: from n/a through = 6.5.6...

WordPress Help Scout Plugin <= 6.5.6 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin Help Scout versions = 6.5.6...

WordPress plugin Help Scout 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-51828 WordPress Beacon For Help Scout plugin <= 1.3.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Dan Griffiths Beacon For Help Scout beacon-for-helpscout allows DOM-Based XSS.This issue affects Beacon For Help Scout: from n/a through = 1.3.0...

CVE-2024-51828 WordPress Beacon For Help Scout plugin <= 1.3.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Dan Griffiths Beacon For Help Scout beacon-for-helpscout allows DOM-Based XSS.This issue affects Beacon For Help Scout: from n/a through = 1.3.0...

CVE-2024-51828

CVE-2024-51828 is an XSS vulnerability affecting the WordPress plugin Beacon For Help Scout (WordPress plugin) with versions up to and including 1.3.0 . The issue is described as an Authenticated (Contributor+) Stored Cross-Site Scripting vector arising from improper neutralization of input durin...

WordPress plugin Beacon For Help Scout 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVE-2024-51778

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tevya Satisfaction Reports from Help Scout happiness-reports-for-help-scout allows Reflected XSS.This issue affects Satisfaction Reports from Help Scout: from n/a through = 2.0.3...