EUVD-2024-37594

Malicious code in bioql PyPI...

EUVD-2025-30645

Malicious code in bioql PyPI...

EUVD-2023-31224

Malicious code in bioql PyPI...

CVE-2025-57984

Server-Side Request Forgery SSRF vulnerability in Pratik Ghela MakeStories for Google Web Stories makestories-helper allows Server Side Request Forgery.This issue affects MakeStories for Google Web Stories: from n/a through = 3.0.4...

WordPress MakeStories (for Google Web Stories) Plugin <= 3.0.4 - Server Side Request Forgery (SSRF) Vulnerability

Server Side Request Forgery SSRF Vulnerability discovered by Nabil Irawan in WordPress Plugin MakeStories for Google Web Stories versions = 3.0.4...

CVE-2025-57984

CVE-2025-57984 is described as a Server-Side Request Forgery (SSRF) vulnerability in the WordPress plugin MakeStories (for Google Web Stories) . Connected documents indicate the issue is present in versions up to 3.0.4 and requires an authenticated user with the Author+ role to exploit. No public...

CVE-2025-57984 WordPress MakeStories (for Google Web Stories) Plugin <= 3.0.4 - Server Side Request Forgery (SSRF) Vulnerability

Server-Side Request Forgery SSRF vulnerability in Pratik Ghela MakeStories for Google Web Stories makestories-helper allows Server Side Request Forgery.This issue affects MakeStories for Google Web Stories: from n/a through = 3.0.4...

CVE-2025-57984 WordPress MakeStories (for Google Web Stories) Plugin <= 3.0.4 - Server Side Request Forgery (SSRF) Vulnerability

Server-Side Request Forgery SSRF vulnerability in Pratik Ghela MakeStories for Google Web Stories allows Server Side Request Forgery. This issue affects MakeStories for Google Web Stories: from n/a through 3.0.4...

WordPress plugin MakeStories (for Google Web Stories) 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...

PT-2025-38834

Name of the Vulnerable Software and Affected Versions MakeStories for Google Web Stories versions through 3.0.4 Description A Server-Side Request Forgery SSRF vulnerability exists in MakeStories for Google Web Stories. This issue allows Server Side Request Forgery. The vulnerability potentially...

CVE-2023-27448

Cross-Site Request Forgery CSRF vulnerability in MakeStories Team MakeStories for Google Web Stories plugin = 2.8.0 versions...

CVE-2024-38746

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in MakeStories Team MakeStories for Google Web Stories allows Path Traversal, Server Side Request Forgery.This issue affects MakeStories for Google Web Stories: from n/a through 3.0.3...

CVE-2024-38746

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in MakeStories Team MakeStories for Google Web Stories allows Path Traversal, Server Side Request Forgery.This issue affects MakeStories for Google Web Stories: from n/a through 3.0.3...

CVE-2024-38746 WordPress MakeStories (for Google Web Stories) plugin <= 3.0.3 - Arbitrary File Download and SSRF vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in MakeStories Team MakeStories for Google Web Stories allows Path Traversal, Server Side Request Forgery.This issue affects MakeStories for Google Web Stories: from n/a through 3.0.3...

CVE-2024-38746

CVE-2024-38746 affects the WordPress MakeStories (for Google Web Stories) plugin: MakeStories (for Google Web Stories) up to version 3.0.3 is affected by a path traversal vulnerability that also enables Server-Side Request Forgery (SSRF), potentially allowing arbitrary file download. The connecte...

CVE-2024-38746 WordPress MakeStories (for Google Web Stories) plugin <= 3.0.3 - Arbitrary File Download and SSRF vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in MakeStories Team MakeStories for Google Web Stories allows Path Traversal, Server Side Request Forgery.This issue affects MakeStories for Google Web Stories: from n/a through 3.0.3...

WordPress plugin MakeStories 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...

WordPress MakeStories (for Google Web Stories) plugin <= 3.0.3 - Arbitrary File Download and SSRF vulnerability

Arbitrary File Download and SSRF vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin MakeStories for Google Web Stories versions = 3.0.3...

WordPress MakeStories (for Google Web Stories) Plugin <= 3.0.3 is vulnerable to Arbitrary File Download

Software MakeStories for Google Web Stories Type Plugin Vulnerable versions = 3.0.3 Fixed in 3.0.4 OWASP Top 10 A1: Broken Access Control Classification Arbitrary File Download CVE CVE-2024-38746 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 40afb38048ba Credits Majed...

MakeStories (for Google Web Stories) <= 2.8.2 - Settings Update via CSRF

Description The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...