728 matches found
EUVD-2025-29359
Malicious code in bioql PyPI...
EUVD-2024-16385
Malicious code in bioql PyPI...
EUVD-2024-17700
Malicious code in bioql PyPI...
EUVD-2025-27058
Malicious code in bioql PyPI...
EUVD-2025-27630
Malicious code in bioql PyPI...
EUVD-2024-48952
Malicious code in bioql PyPI...
EUVD-2024-31902
Malicious code in bioql PyPI...
EUVD-2024-33793
Malicious code in bioql PyPI...
EUVD-2024-16389
Malicious code in bioql PyPI...
EUVD-2023-58502
Malicious code in bioql PyPI...
CVE-2025-9984
CVE-2025-9984 (FIFU, Featured Image from URL, WordPress) : The FIFU plugin is vulnerable to an unauthorized access exposure due to a missing capability check in fifu_api_debug_posts(). This allows unauthenticated attackers to read private/password protected posts in all versions up to 5.2.7. Conn...
PT-2025-39498
Name of the Vulnerable Software and Affected Versions Featured Image from URL FIFU plugin for WordPress versions through 5.2.7 Description The plugin is susceptible to unauthorized data access because of a missing capability check within the fifu api debug posts function. This allows...
CVE-2025-9808
The The Events Calendar plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 6.15.2 via the REST endpoint. This makes it possible for unauthenticated attackers to extract information about password-protected vendors or venues...
CVE-2025-9808 The Events Calendar <= 6.15.2 - Missing Authorization to Unauthenticated Password-Protected Information Disclosure
The The Events Calendar plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 6.15.2 via the REST endpoint. This makes it possible for unauthenticated attackers to extract information about password-protected vendors or venues...
CVE-2025-9808 The Events Calendar <= 6.15.2 - Missing Authorization to Unauthenticated Password-Protected Information Disclosure
The The Events Calendar plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 6.15.2 via the REST endpoint. This makes it possible for unauthenticated attackers to extract information about password-protected vendors or venues...
CVE-2025-9808
The Events Calendar WordPress plugin (versions up to and including 6.15.2) exposes information via a REST endpoint, enabling unauthenticated attackers to extract data about password-protected vendors or venues. Root cause: REST endpoint information exposure leading to information disclosure. Affe...
PT-2025-37866
Name of the Vulnerable Software and Affected Versions The Events Calendar plugin for WordPress versions prior to 6.15.3 Description The Events Calendar plugin for WordPress is susceptible to information disclosure through the REST endpoint. This allows unauthenticated attackers to extract...
CVE-2025-9034
The Wp Edit Password Protected WordPress plugin before 1.3.5 does not validate a parameter before redirecting the user to its value, leading to an Open Redirect issue...
WordPress Wp Edit Password Protected plugin < 1.3.5 - Open Redirect vulnerability
Open Redirect vulnerability discovered by Bob Matyas in WordPress Plugin Wp Edit Password Protected – Create Member/User Only Page & Design Password Protected Form versions 1.3.5...
CVE-2025-9034
The Wp Edit Password Protected WordPress plugin before 1.3.5 does not validate a parameter before redirecting the user to its value, leading to an Open Redirect issue...