78 matches found
EUVD-2014-7806
Malware in sbrugna...
EUVD-2021-11252
Malware in sbrugna...
EUVD-2014-7807
Malware in sbrugna...
EUVD-2021-11251
Malware in sbrugna...
EUVD-2024-32522
Malicious code in bioql PyPI...
EUVD-2023-59161
Malicious code in bioql PyPI...
EUVD-2023-59191
Malicious code in bioql PyPI...
CVE-2024-9883
The Pods WordPress plugin before 3.2.7.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2023-6999
The Pods – Custom Content Types and Fields plugin for WordPress is vulnerable to Remote Code Exxecution via shortcode in all versions up to, and including, 3.0.10 with the exception of 2.7.31.2, 2.8.23.2, 2.9.19.2. This makes it possible for authenticated attackers, with contributor level access ...
CVE-2023-6967
The Pods – Custom Content Types and Fields plugin for WordPress is vulnerable to SQL Injection via shortcode in all versions up to, and including, 3.0.10 with the exception of 2.7.31.2, 2.8.23.2, 2.9.19.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparati...
CVE-2023-6965
The Pods – Custom Content Types and Fields plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.0.10 with the exception of 2.7.31.2, 2.8.23.2, 2.9.19.2. This is due to the fact that the plugin allows the use of a file inclusion feature via shortcode...
CVE-2021-24338
The Pods – Custom Content Types and Fields WordPress plugin before 2.7.27 was vulnerable to an Authenticated Stored Cross-Site Scripting XSS security vulnerability within the 'Singular Label' field parameter...
CVE-2021-24339
The Pods – Custom Content Types and Fields WordPress plugin before 2.7.27 was vulnerable to an Authenticated Stored Cross-Site Scripting XSS security vulnerability within the 'Menu Label' field parameter...
WordPress Pods plugin < 3.2.8.2 - Admin+ SQL Injection vulnerability
Admin+ SQL Injection vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Pods versions 3.2.8.2...
CVE-2025-1446
The Pods WordPress plugin before 3.2.8.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks...
CVE-2025-1446 Pods < 3.2.8.2 - Admin+ SQL Injection
The Pods WordPress plugin before 3.2.8.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks...
WordPress plugin Pods 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
CVE-2024-11849
CVE-2024-11849 — Pods (WordPress) vulnerable to authenticated Stored XSS due to unsanitized/escaped settings in Pods Custom Content Types and Fields. Affected: Pods plugin for WordPress (prior to or up to 3.2.8) in admin contexts. Impact: high-privilege users (e.g., admins) can inject scripts via...
CVE-2024-11849 Pods – Custom Content Types and Fields < 3.2.8.1 - Admin+ Stored XSS
The Pods WordPress plugin before 3.2.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-11849 Pods – Custom Content Types and Fields < 3.2.8.1 - Admin+ Stored XSS
The Pods WordPress plugin before 3.2.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...