66 matches found
NFTDELTA: Detecting Permission Control Vulnerabilities in NFT Contracts through Multi-View Learning
Permission control vulnerabilities in Non-fungible token NFT contracts can result in significant financial losses, as attackers may exploit these weaknesses to gain unauthorized access or circumvent critical permission checks. In this paper, we propose NFTDELTA, a framework that leverages static...
CVE-2026-25465
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in codepeople CP Multi View Event Calendar cp-multi-view-calendar allows Stored XSS.This issue affects CP Multi View Event Calendar : from n/a through = 1.4.36...
EUVD-2026-15750
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in codepeople CP Multi View Event Calendar cp-multi-view-calendar allows Stored XSS.This issue affects CP Multi View Event Calendar : from n/a through = 1.4.35...
CVE-2026-25465
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in codepeople CP Multi View Event Calendar cp-multi-view-calendar allows Stored XSS.This issue affects CP Multi View Event Calendar : from n/a through = 1.4.36...
CVE-2026-25465
CVE-2026-25465 : CP Multi View Events Calendar (cp-multi-view-calendar) is affected by an authenticated Stored XSS due to improper input neutralization during web page generation. The vulnerability affects CP Multi View Events Calendar versions from n/a up to and including 1.4.35. Successful expl...
CVE-2026-25465
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in codepeople CP Multi View Event Calendar cp-multi-view-calendar allows Stored XSS.This issue affects CP Multi View Event Calendar : from n/a through = 1.4.37...
CVE-2026-25465 WordPress CP Multi View Event Calendar plugin <= 1.4.36 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in codepeople CP Multi View Event Calendar cp-multi-view-calendar allows Stored XSS.This issue affects CP Multi View Event Calendar : from n/a through = 1.4.36...
CVE-2026-25465 WordPress CP Multi View Event Calendar plugin <= 1.4.36 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in codepeople CP Multi View Event Calendar cp-multi-view-calendar allows Stored XSS.This issue affects CP Multi View Event Calendar : from n/a through = 1.4.36...
WordPress plugin CP Multi View Event Calendar 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-27959
Name of the Vulnerable Software and Affected Versions codepeople CP Multi View Event Calendar versions through 1.4.35 Description The software contains a flaw related to improper input handling during web page generation, leading to a cross-site scripting issue. This allows for Stored XSS attacks...
ShellForge: Adversarial Co-Evolution of Webshell Generation and Multi-View Detection for Robust Webshell Defense
Webshells remain a primary foothold for attackers to compromise servers, particularly within PHP ecosystems. However, existing detection mechanisms often struggle to keep pace with rapid variant evolution and sophisticated obfuscation techniques that camouflage malicious intent. Furthermore, many...
MASCOT: Analyzing Malware Evolution through a Well-Curated Source Code Dataset
In recent years, the explosion of malware and extensive code reuse have formed complex evolutionary connections among malware specimens. The rapid pace of development makes it challenging for existing studies to characterize recent evolutionary trends. In addition, intuitive tools to untangle the...
MalRAG: A Retrieval-Augmented LLM Framework for Open-Set Malicious Traffic Identification
Fine-grained identification of IDS-flagged suspicious traffic is crucial in cybersecurity. In practice, cyber threats evolve continuously, making the discovery of novel malicious traffic a critical necessity as well as the identification of known classes. Recent studies have advanced this goal wi...
EUVD-2023-27900
Malicious code in bioql PyPI...
EUVD-2023-32162
Malicious code in bioql PyPI...
WordPress Plugin CP Multi View Event Calendar Authorization Missing Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An authorization missing vulnerability exists in the WordPress plugin CP Multi View Event...
CVE-2025-58009
Missing Authorization vulnerability in codepeople CP Multi View Event Calendar cp-multi-view-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CP Multi View Event Calendar : from n/a through = 1.4.36...
WordPress CP Multi View Event Calendar plugin <= 1.4.34 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin CP Multi View Event Calendar versions = 1.4.34...
CVE-2025-58009 WordPress CP Multi View Event Calendar plugin <= 1.4.35 - Broken Access Control vulnerability
Missing Authorization vulnerability in codepeople CP Multi View Event Calendar cp-multi-view-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CP Multi View Event Calendar : from n/a through = 1.4.35...
CVE-2025-58009
The CVE-2025-58009 entry concerns CP Multi View Events Calendar for WordPress with a Missing Authorization flaw. Affected versions are listed as up to 1.4.32 (range includes unspecified start). The vulnerability arises from incorrectly configured access control security levels, enabling unauthori...