CVE-2025-13029

The Knowband Mobile App Builder WordPress plugin before 3.0.0 does not have authorisation when deleting users via its REST API, allowing unauthenticated attackers to delete arbitrary users...

WordPress Knowband Mobile App Builder for wooCommerce plugin < 3.0.0 - Unauthenticated Arbitrary User Deletion vulnerability

Unauthenticated Arbitrary User Deletion vulnerability discovered by Khaled Alenazi Nxploited in WordPress Plugin Knowband Mobile App Builder versions 3.0.0...

EUVD-2025-205886

The Knowband Mobile App Builder WordPress plugin before 3.0.0 does not have authorisation when deleting users via its REST API, allowing unauthenticated attackers to delete arbitrary users...

CVE-2025-13029

The Knowband Mobile App Builder WordPress plugin before 3.0.0 does not have authorisation when deleting users via its REST API, allowing unauthenticated attackers to delete arbitrary users...

CVE-2025-13029 Knowband Mobile App Builder for wooCommerce < 3.0.0 – Unauthenticated Arbitrary User Deletion

The Knowband Mobile App Builder WordPress plugin before 3.0.0 does not have authorisation when deleting users via its REST API, allowing unauthenticated attackers to delete arbitrary users...

CVE-2025-13029 Knowband Mobile App Builder for wooCommerce < 3.0.0 – Unauthenticated Arbitrary User Deletion

The Knowband Mobile App Builder WordPress plugin before 3.0.0 does not have authorisation when deleting users via its REST API, allowing unauthenticated attackers to delete arbitrary users...

CVE-2025-13029

CVE-2025-13029 concerns the Knowband Mobile App Builder for WordPress (WooCommerce) before version 3.0.0. The issue is a lack of authorization on the REST API endpoint used to delete users, allowing unauthenticated attackers to delete arbitrary users. Publicly disclosed details across multiple co...

WordPress plugin Knowband Mobile App Builder 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

PT-2025-54282

Name of the Vulnerable Software and Affected Versions Knowband Mobile App Builder WordPress plugin versions prior to 3.0.0 Description The plugin lacks proper authorization checks when deleting users through its REST API. This allows unauthenticated attackers to delete any user. The vulnerable AP...

EUVD-2023-48383

Malicious code in bioql PyPI...

EUVD-2023-49676

Malicious code in bioql PyPI...

CVE-2024-28389

SQL injection vulnerability in KnowBand spinwheel v.3.0.3 and before allows a remote attacker to gain escalated privileges and obtain sensitive information via the SpinWheelFrameSpinWheelModuleFrontController::sendEmail method...

CVE-2024-33272

SQL injection vulnerability in KnowBand for PrestaShop autosuggest before 2.0.0 allows an attacker to run arbitrary SQL commands via the AutosuggestSearchModuleFrontController::initContent, and AutosuggestSearchModuleFrontController::getKbProducts components...

CVE-2023-44024

SQL injection vulnerability in KnowBand Module One Page Checkout, Social Login & Mailchimp supercheckout v.8.0.3 and before allows a remote attacker to execute arbitrary code via a crafted request to the updateCheckoutBehaviour function in the supercheckout.php component...

CVE-2023-45384

KnowBand supercheckout 5.0.7 and 6.0.7 is vulnerable to Unrestricted Upload of File with Dangerous Type. In the module "Module One Page Checkout, Social Login & Mailchimp" supercheckout, a guest can upload files with extensions .php...

CVE-2024-33272

SQL injection vulnerability in KnowBand for PrestaShop autosuggest before 2.0.0 allows an attacker to run arbitrary SQL commands via the AutosuggestSearchModuleFrontController::initContent, and AutosuggestSearchModuleFrontController::getKbProducts components...

PT-2024-25183 · Unknown · Knowband For Prestashop Autosuggest

Name of the Vulnerable Software and Affected Versions: KnowBand for PrestaShop autosuggest versions prior to 2.0.0 Description: The issue allows an attacker to run arbitrary SQL commands via the AutosuggestSearchModuleFrontController::initContent and...

CVE-2024-33272

SQL injection vulnerability in KnowBand for PrestaShop autosuggest before 2.0.0 allows an attacker to run arbitrary SQL commands via the AutosuggestSearchModuleFrontController::initContent, and AutosuggestSearchModuleFrontController::getKbProducts components...

CVE-2024-33272

CVE-2024-33272 is a SQL injection vulnerability in KnowBand for PrestaShop autosuggest prior to 2.0.0. The flaw allows an attacker to execute arbitrary SQL commands through the affected controllers, AutosuggestSearchModuleFrontController::initContent() and AutosuggestSearchModuleFrontController::...

CVE-2024-33272

SQL injection vulnerability in KnowBand for PrestaShop autosuggest before 2.0.0 allows an attacker to run arbitrary SQL commands via the AutosuggestSearchModuleFrontController::initContent, and AutosuggestSearchModuleFrontController::getKbProducts components...