24 matches found
EUVD-2025-10580
Malicious code in bioql PyPI...
EUVD-2025-3765
Malicious code in bioql PyPI...
EUVD-2024-53088
Malicious code in bioql PyPI...
CVE-2025-32623
Cross-Site Request Forgery CSRF vulnerability in plainware PlainInventory z-inventory-manager allows Stored XSS.This issue affects PlainInventory: from n/a through = 3.1.9...
CVE-2025-32623
Cross-Site Request Forgery CSRF vulnerability in plainware PlainInventory z-inventory-manager allows Stored XSS.This issue affects PlainInventory: from n/a through = 3.1.9...
CVE-2025-32623
The CVE-2025-32623 entry concerns PlainInventory (WordPress plugin) with a CSRF to Stored XSS issue affecting versions up to 3.1.9. The connected Wordfence vulnerability listing confirms the issue and indicates the patch status as Unpatched (no publicly released fix details in the provided docume...
CVE-2025-32623 WordPress PlainInventory plugin <= 3.1.9 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in plainware PlainInventory z-inventory-manager allows Stored XSS.This issue affects PlainInventory: from n/a through = 3.1.9...
WordPress PlainInventory plugin <= 3.1.9 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by Abdi Pranata in WordPress Plugin PlainInventory versions = 3.1.9...
PT-2025-15806 · Unknown · Plaininventory
Name of the Vulnerable Software and Affected Versions: PlainInventory versions n/a through 3.1.9 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on the web application,...
WordPress plugin PlainInventory 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
CVE-2025-24557
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in plainware PlainInventory z-inventory-manager allows Reflected XSS.This issue affects PlainInventory: from n/a through = 3.1.5...
CVE-2024-56291
Deserialization of Untrusted Data vulnerability in plainware PlainInventory z-inventory-manager allows Object Injection.This issue affects PlainInventory: from n/a through = 3.1.6...
CVE-2025-24557
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in plainware PlainInventory z-inventory-manager allows Reflected XSS.This issue affects PlainInventory: from n/a through = 3.1.5...
CVE-2025-24557
The CVE-2025-24557 entry concerns the WordPress PlainInventory plugin (PlainInventory) with versions n/a through 3.1.5. The root cause is improper neutralization of inputs during web-page generation, leading to a reflected XSS vulnerability. Affected component/file is the input handling used in p...
CVE-2025-24557 WordPress PlainInventory plugin <= 3.1.5 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in plainware PlainInventory z-inventory-manager allows Reflected XSS.This issue affects PlainInventory: from n/a through = 3.1.5...
CVE-2025-24557 WordPress PlainInventory plugin <= 3.1.5 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in plainware PlainInventory z-inventory-manager allows Reflected XSS.This issue affects PlainInventory: from n/a through = 3.1.5...
WordPress plugin PlainInventory 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2024-56291
Deserialization of Untrusted Data vulnerability in plainware PlainInventory z-inventory-manager allows Object Injection.This issue affects PlainInventory: from n/a through = 3.1.6...
CVE-2024-56291 WordPress PlainInventory – Inventory Management Plugin Plugin <= 3.1.6 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in plainware PlainInventory z-inventory-manager allows Object Injection.This issue affects PlainInventory: from n/a through = 3.1.6...
CVE-2024-56291 WordPress PlainInventory – Inventory Management Plugin Plugin <= 3.1.6 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in plainware PlainInventory z-inventory-manager allows Object Injection.This issue affects PlainInventory: from n/a through = 3.1.6...