208 matches found
WordPress Image Hover Ultimate - Unauthenticated Settings Update
Unauthenticated Arbitrary Options Update vulnerability leading to full website compromise discovered in Image Hover Effects Ultimate versions = 9.6.1 WordPress plugin. id: CVE-2021-36888 info: name: WordPress Image Hover Ultimate - Unauthenticated Settings Update author: riteshs4hu severity:...
WordPress Image Hover Effects for Elementor with Lightbox and Flipbox plugin <= 3.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via _id, oxi_addons_f_title_tag, and content_description_tag Parameters vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via id, oxiaddonsftitletag, and contentdescriptiontag Parameters vulnerability discovered by stealthcopter in WordPress Plugin Image Hover Effects - Caption Hover with Carousel versions = 3.0.2...
WordPress Quantic Social Image Hover plugin <= 1.0.8 - Cross-Site Request Forgery to Settings Update vulnerability
Cross-Site Request Forgery to Settings Update vulnerability discovered by dayea song - Ahnlab in WordPress Plugin Quantic Social Image Hover versions = 1.0.8...
CVE-2025-13360
CVE-2025-13360 relates to the WordPress plugin Quantic Social Image Hover (versions up to and including 1.0.8). The vulnerability is a Cross-Site Request Forgery (CSRF) due to missing nonce validation on the plugin’s settings update function. Exploitation requires tricking a site administrator in...
CVE-2025-13360 Quantic Social Image Hover <= 1.0.8 - Cross-Site Request Forgery to Settings Update
The Quantic Social Image Hover plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.8. This is due to missing nonce validation on the settings update functionality. This makes it possible for unauthenticated attackers to update the plugin's...
WordPress plugin Quantic Social Image Hover 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-site reques...
PT-2025-49213
The Quantic Social Image Hover plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.8. This is due to missing nonce validation on the settings update functionality. This makes it possible for unauthenticated attackers to update the plugin's...
WordPress Image Hover Effects Ultimate plugin <= 9.10.5 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin Image Hover Effects Ultimate versions = 9.10.5...
WordPress Image Hover Effects for Elementor plugin <= 1.0.2.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Upload vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary Plugin Upload vulnerability discovered by theviper17y in WordPress Plugin Image Hover Effects for Elementor versions = 1.0.2.3...
WordPress plugin多款产品 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blog sites on PHP and MySQL-based...
EUVD-2021-11178
Malware in sbrugna...
EUVD-2023-27768
Malicious code in bioql PyPI...
EUVD-2025-17240
Malicious code in bioql PyPI...
EUVD-2025-2860
Malicious code in bioql PyPI...
EUVD-2022-42965
Malicious code in bioql PyPI...
EUVD-2025-30703
Malicious code in bioql PyPI...
EUVD-2024-16934
Malicious code in bioql PyPI...
EUVD-2023-51663
Malicious code in bioql PyPI...
EUVD-2022-51391
Malicious code in bioql PyPI...
EUVD-2024-36745
Malicious code in bioql PyPI...