CVE-2025-10705 MxChat – AI Chatbot for WordPress <= 2.4.6 - Unauthenticated Blind Server-Side Request Forgery

The MxChat – AI Chatbot for WordPress plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 2.4.6. This is due to insufficient validation of user-supplied URLs in the PDF processing functionality. This makes it possible for unauthenticated...

CVE-2025-10705

The CVE-2025-10705 affects MxChat – AI Chatbot for WordPress (WordPress plugin). The Wordfence report confirms an unauthenticated Blind SSRF vulnerability in the plugin’s PDF processing due to insufficient validation of user-supplied URLs, enabling an attacker to coerce the WordPress server into ...

CVE-2025-10705 MxChat – AI Chatbot for WordPress <= 2.4.6 - Unauthenticated Blind Server-Side Request Forgery

The MxChat – AI Chatbot for WordPress plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 2.4.6. This is due to insufficient validation of user-supplied URLs in the PDF processing functionality. This makes it possible for unauthenticated...

EUVD-2020-30676

Malware in sbrugna...

EUVD-2018-9446

Malware in sbrugna...

EUVD-2020-20275

Malware in sbrugna...

EUVD-2018-6238

Malware in sbrugna...

EUVD-2017-12235

Malware in sbrugna...

EUVD-2018-6239

Malware in sbrugna...

EUVD-2019-16160

Malware in sbrugna...

EUVD-2016-9235

Malware in sbrugna...

EUVD-2019-14671

Malware in sbrugna...

EUVD-2019-16293

Malware in sbrugna...

EUVD-2019-16287

Malware in sbrugna...

EUVD-2022-37993

Malicious code in bioql PyPI...

EUVD-2022-39704

Malicious code in bioql PyPI...

EUVD-2022-0214

Malicious code in bioql PyPI...

UBUNTU-CVE-2025-43718

Poppler 24.06.1 through 25.x before 25.04.0 allows stack consumption and a SIGSEGV via deeply nested structures within the metadata such as GTSPDFEVersion of a PDF document, e.g., a regular expression for a long pdfsubver string. This occurs in Dict::lookup, Catalog::getMetadata, and associated...

Linux Distros Unpatched Vulnerability : CVE-2022-35095

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SWFTools commit 772e55a2 was discovered to contain a segmentation violation via InfoOutputDev::type3D1 at /pdf/InfoOutputDev.cc. CVE-2022-35095 Note that Nessus...

Linux Distros Unpatched Vulnerability : CVE-2022-35091

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SWFTools commit 772e55a2 was discovered to contain a floating point exception FPE via DCTStream::readMCURow at /xpdf/Stream.cc.ow CVE-2022-35091 Note that Nessu...