9 matches found
EUVD-2025-28307
Malicious code in bioql PyPI...
CVE-2025-49434
Deserialization of Untrusted Data vulnerability in axiomthemes Cars4Rent cars4rent allows Object Injection.This issue affects Cars4Rent: from n/a through = 1.4.2...
CVE-2025-49434
Deserialization of Untrusted Data vulnerability in axiomthemes Cars4Rent cars4rent allows Object Injection.This issue affects Cars4Rent: from n/a through = 1.4.2...
CVE-2025-49434 WordPress Laposta WooCommerce plugin <= 1.9.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in stijnvanderree Laposta WooCommerce allows Stored XSS. This issue affects Laposta WooCommerce: from n/a through 1.9.1...
CVE-2025-49434
Deserialization of Untrusted Data vulnerability in WordPress Cars4Rent Theme/Cars4Rent plugin (CVE-2025-49434) affects Cars4Rent: from n/a through <= 1.4.2. Root cause: PHP object deserialization leading to Object Injection. Impact is rated Critical (CVSS 3.1 base 9.8) with potential HIGH impa...
CVE-2025-49434 WordPress Cars4Rent Theme <= 1.4.2 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in axiomthemes Cars4Rent cars4rent allows Object Injection.This issue affects Cars4Rent: from n/a through = 1.4.2...
WordPress plugin Laposta WooCommerce 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2025-33954 · WordPress · Laposta Woocommerce
Name of the Vulnerable Software and Affected Versions: Laposta WooCommerce versions through 1.9.1 Description: This issue involves improper neutralization of input during web page generation, leading to a Stored Cross-Site Scripting XSS condition. Successful exploitation could allow an attacker t...
WordPress Laposta WooCommerce plugin <= 1.9.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Nabil Irawan Patchstack Alliance in WordPress Plugin Laposta WooCommerce versions = 1.9.1...