104 matches found
CVE-2026-22850
Koko Analytics is an open-source analytics plugin for WordPress. Versions prior to 2.1.3 are vulnerable to arbitrary SQL execution through unescaped analytics export/import and permissive admin SQL import. Unauthenticated visitors can submit arbitrary path pa and referrer r values to the public...
WordPress Koko Analytics plugin <= 2.1.2 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Hector Ruiz Ruiz in WordPress Plugin Koko Analytics versions = 2.1.2...
CVE-2026-22850
Koko Analytics is an open-source analytics plugin for WordPress. Versions prior to 2.1.3 are vulnerable to arbitrary SQL execution through unescaped analytics export/import and permissive admin SQL import. Unauthenticated visitors can submit arbitrary path pa and referrer r values to the public...
CVE-2026-22850 Koko Analytics vulnerable to arbitrary SQL execution through unescaped analytics export/import and permissive admin SQL import
Koko Analytics is an open-source analytics plugin for WordPress. Versions prior to 2.1.3 are vulnerable to arbitrary SQL execution through unescaped analytics export/import and permissive admin SQL import. Unauthenticated visitors can submit arbitrary path pa and referrer r values to the public...
CVE-2026-22850
Koko Analytics is an open-source analytics plugin for WordPress. Versions prior to 2.1.3 are vulnerable to arbitrary SQL execution through unescaped analytics export/import and permissive admin SQL import. Unauthenticated visitors can submit arbitrary path pa and referrer r values to the public...
CVE-2026-22850 Koko Analytics vulnerable to arbitrary SQL execution through unescaped analytics export/import and permissive admin SQL import
Koko Analytics is an open-source analytics plugin for WordPress. Versions prior to 2.1.3 are vulnerable to arbitrary SQL execution through unescaped analytics export/import and permissive admin SQL import. Unauthenticated visitors can submit arbitrary path pa and referrer r values to the public...
CVE-2026-22850 Koko Analytics vulnerable to arbitrary SQL execution through unescaped analytics export/import and permissive admin SQL import
Koko Analytics is an open-source analytics plugin for WordPress. Versions prior to 2.1.3 are vulnerable to arbitrary SQL execution through unescaped analytics export/import and permissive admin SQL import. Unauthenticated visitors can submit arbitrary path pa and referrer r values to the public...
CVE-2026-22850
Koko Analytics for WordPress (
EUVD-2026-3319
Koko Analytics is an open-source analytics plugin for WordPress. Versions prior to 2.1.3 are vulnerable to arbitrary SQL execution through unescaped analytics export/import and permissive admin SQL import. Unauthenticated visitors can submit arbitrary path pa and referrer r values to the public...
WordPress plugin Koko Analytics has a SQL injection vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...
EUVD-2025-140712
Malicious code in koko-poke24 npm...
EUVD-2025-140716
Malicious code in koko-poke20 npm...
Malicious code in koko-poke16 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91bef030ad27df3369de229a3d84232471cefcbda3d480f6ff9e99d41765f7de This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in koko-poke1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 052504e6dbb255bed00da650bb14612ca713af07982cf6c7c3e25db6a3a74976 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-140717
Malicious code in koko-poke2 npm...
EUVD-2025-140720
Malicious code in koko-poke17 npm...
EUVD-2025-140713
Malicious code in koko-poke23 npm...
Malicious code in koko-poke2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2795bfc9875219076951e65fc5546f230ea42cd4aa10669dd1faf09240e67dbc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in koko-poke18 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 03a951b7d6c9342f4e7e291705fd7506aeb5724fee4322ac933b48e2129ad8d5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-140726
Malicious code in koko-poke11 npm...