EUVD-2024-42361

Malicious code in bioql PyPI...

EUVD-2024-28166

Malicious code in bioql PyPI...

EUVD-2024-29197

Malicious code in bioql PyPI...

EUVD-2022-49918

Malicious code in bioql PyPI...

EUVD-2024-25125

Malicious code in bioql PyPI...

CVE-2024-10705

The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.5 via the 'mpgdownloadfilebylink' function. This makes it possible for authenticated attackers, with editor-level access and above, to make web...

CVE-2022-2100

The Page Generator WordPress plugin before 1.6.5 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

CVE-2024-47325

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themeisle MPG multiple-pages-generator-by-porthas allows SQL Injection.This issue affects MPG: from n/a through = 3.4.7...

CVE-2024-27951

Unrestricted Upload of File with Dangerous Type vulnerability in Themeisle Multiple Page Generator Plugin – MPG allows Upload a Web Shell to a Web Server.This issue affects Multiple Page Generator Plugin – MPG: from n/a through 3.4.0...

CVE-2024-10705

The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.5 via the 'mpgdownloadfilebylink' function. This makes it possible for authenticated attackers, with editor-level access and above, to make web...

CVE-2024-10705 Multiple Page Generator Plugin – MPG <= 4.0.5 - Authenticated (Editor+) Server-Side Request Forgery via fileUrl

The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.5 via the 'mpgdownloadfilebylink' function. This makes it possible for authenticated attackers, with editor-level access and above, to make web...

CVE-2024-10705

CVE-2024-10705 affects the WordPress plugin “Multiple Page Generator Plugin – MPG” with vulnerability in all versions up to 4.0.5. The flaw is Server-Side Request Forgery (SSRF) via the mpg_download_file_by_link function, allowing authenticated attackers with editor-level access or higher to trig...

CVE-2024-10705 Multiple Page Generator Plugin – MPG <= 4.0.5 - Authenticated (Editor+) Server-Side Request Forgery via fileUrl

The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.5 via the 'mpgdownloadfilebylink' function. This makes it possible for authenticated attackers, with editor-level access and above, to make web...

WordPress plugin Multiple Page Generator Plugin – MPG 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Multiple...

CVE-2024-47325

CVE-2024-47325 corresponds to a SQL Injection in the WordPress plugin Multiple Page Generator Plugin – MPG (versions

CVE-2024-31301

CVE-2024-31301 is a CSRF vulnerability in the Themeisle Multiple Page Generator Plugin – MPG, affecting versions up to 3.4.0. The connected sources confirm the issue is CSRF in that plugin and link it to the same CVE entry. The provided documents describe the root cause as cross-site request forg...

CVE-2024-30235

Technical details about CVE-2024-30235 are not provided in the supplied documents. Public disclosures or vendor advisories are not included here; monitor for updates from the vendor, CVE databases, or security advisories.

Multiple Page Generator Plugin – MPG < 3.4.1 - Authenticated (Editor+) Remote Code Execution

Description The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 3.4.0. This makes it possible for authenticated attackers, with editor-level access and above, to execute code on the server...

CVE-2023-52131 WordPress Page Generator Plugin <= 1.7.1 is vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Zinc Page Generator.This issue affects Page Generator: from n/a through 1.7.1...

CVE-2023-2607

The Multiple Page Generator Plugin for WordPress is vulnerable to time-based SQL Injection via the orderby and order parameters in versions up to, and including, 3.3.17 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...