16 matches found
CVE-2025-64231
Unrestricted Upload of File with Dangerous Type vulnerability in RedefiningTheWeb WordPress Contact Form 7 PDF, Google Sheet & Database rtwwcfp-wordpress-contact-form-7-pdf allows Using Malicious Files.This issue affects WordPress Contact Form 7 PDF, Google Sheet & Database: from n/a through =...
EUVD-2025-204071
Unrestricted Upload of File with Dangerous Type vulnerability in RedefiningTheWeb WordPress Contact Form 7 PDF, Google Sheet & Database rtwwcfp-wordpress-contact-form-7-pdf allows Using Malicious Files.This issue affects WordPress Contact Form 7 PDF, Google Sheet & Database: from n/a through =...
PT-2025-52174
Unrestricted Upload of File with Dangerous Type vulnerability in RedefiningTheWeb WordPress Contact Form 7 PDF, Google Sheet & Database rtwwcfp-wordpress-contact-form-7-pdf allows Using Malicious Files.This issue affects WordPress Contact Form 7 PDF, Google Sheet & Database: from n/a through =...
EUVD-2025-3777
Malicious code in bioql PyPI...
EUVD-2025-11340
Malicious code in bioql PyPI...
EUVD-2025-9196
Malicious code in bioql PyPI...
CVE-2025-39518
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RedefiningTheWeb BMA Lite bma-lite-appointment-booking-and-scheduling allows SQL Injection.This issue affects BMA Lite: from n/a through = 1.4.2...
CVE-2025-39518
CVE-2025-39518 describes an SQL Injection in the WordPress plugin BMA Lite – Appointment Booking and Scheduling . The vulnerability affects versions
CVE-2025-39518 WordPress BMA Lite <= 1.4.2 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RedefiningTheWeb BMA Lite allows SQL Injection. This issue affects BMA Lite: from n/a through 1.4.2...
CVE-2025-39518 WordPress BMA Lite plugin <= 1.4.2 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RedefiningTheWeb BMA Lite bma-lite-appointment-booking-and-scheduling allows SQL Injection.This issue affects BMA Lite: from n/a through = 1.4.2...
CVE-2025-31850
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RedefiningTheWeb PDF Generator Addon for Elementor Page Builder pdf-generator-addon-for-elementor-page-builder allows Stored XSS.This issue affects PDF Generator Addon for Elementor Page Builder:...
PT-2025-14228 · Unknown · Redefiningtheweb Pdf Generator Addon
Name of the Vulnerable Software and Affected Versions: RedefiningTheWeb PDF Generator Addon for Elementor Page Builder versions 1.7.5 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored...
PT-2025-5410 · Unknown · Redefiningtheweb Pdf Generator Addon
Name of the Vulnerable Software and Affected Versions: RedefiningTheWeb PDF Generator Addon for Elementor Page Builder versions 1.7.5 and earlier Description: The issue is related to an improper limitation of a pathname to a restricted directory, also known as 'Path Traversal'. This allows...
CVE-2024-50449
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RedefiningTheWeb PDF Generator Addon for Elementor Page Builder pdf-generator-addon-for-elementor-page-builder allows Stored XSS.This issue affects PDF Generator Addon for Elementor Page Builder:...
CVE-2024-50449 WordPress PDF Generator Addon for Elementor Page Builder plugin <= 1.7.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RedefiningTheWeb PDF Generator Addon for Elementor Page Builder pdf-generator-addon-for-elementor-page-builder allows Stored XSS.This issue affects PDF Generator Addon for Elementor Page Builder:...
CVE-2024-50449
CVE-2024-50449 is a stored XSS vulnerability in the WordPress PDF Generator Addon for Elementor Page Builder (PDF Generator Addon for Elementor Page Builder) affecting versions up to 1.7.4. The issue arises from improper neutralization of input during web page generation. Patchstack notes a fixed...