EUVD-2023-32958

Malicious code in bioql PyPI...

EUVD-2023-32959

Malicious code in bioql PyPI...

EUVD-2025-2829

Malicious code in bioql PyPI...

CVE-2023-29387

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Julien Crego Manager for Icomoon plugin = 2.0 versions...

CVE-2023-29386

Unrestricted Upload of File with Dangerous Type vulnerability in Julien Crego Manager for Icomoon.This issue affects Manager for Icomoon: from n/a through 2.0...

CVE-2023-29386

CVE-2023-29386 concerns the WordPress WordPress Manager for Icomoon plugin (<=2.0). An unauthenticated, unrestricted upload of files with dangerous types via the plugin’s upload endpoint enables arbitrary file upload. Technical details in connected docs show an exploit exists (PoC in a GitHub ...

CVE-2023-29387

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Julien Crego Manager for Icomoon plugin = 2.0 versions...

Cross site scripting

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Julien Crego Manager for Icomoon plugin = 2.0 versions...

CVE-2023-29387

CVE-2023-29387 affects the WordPress plugin Manager for Icomoon (Julien Crego) with a Stored Cross-Site Scripting (XSS) vulnerability in versions ≤ 2.0, exploitable by users with contributor+ permissions. Multiple sources corroborate a fix in version 2.2; update to >2.0 (ideally 2.2 or later) ...

CVE-2023-29387 WordPress Manager for Icomoon Plugin <= 2.0 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Julien Crego Manager for Icomoon plugin = 2.0 versions...