22 matches found
CVE-2023-25708
Cross-Site Request Forgery CSRF vulnerability in Rextheme WP VR – 360 Panorama and Virtual Tour Builder For WordPress plugin = 8.2.7 versions...
CVE-2025-62885
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RexTheme WP VR wpvr allows DOM-Based XSS.This issue affects WP VR: from n/a through = 8.5.48...
EUVD-2025-3922
Malicious code in bioql PyPI...
EUVD-2024-43731
Malicious code in bioql PyPI...
EUVD-2024-43359
Malicious code in bioql PyPI...
EUVD-2025-18541
Malicious code in bioql PyPI...
CVE-2025-47452 WordPress WP VR <= 8.5.26 - Arbitrary File Upload Vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in RexTheme WP VR allows Upload a Web Shell to a Web Server. This issue affects WP VR: from n/a through 8.5.26...
CVE-2025-47452
CVE-2025-47452 concerns RexTheme WP VR (WP VR) with an Unrestricted Upload of File with Dangerous Type vulnerability, allowing a Web Shell upload on servers running WP VR up to version 8.5.26. The vulnerability arises from an unsafe file upload handling in WP VR, affecting versions through 8.5.26...
CVE-2025-24730
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RexTheme WP VR wpvr allows DOM-Based XSS.This issue affects WP VR: from n/a through = 8.5.14...
CVE-2024-49293
Missing Authorization vulnerability in RexTheme WP VR wpvr allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP VR: from n/a through = 8.5.4...
CVE-2024-49680
Missing Authorization vulnerability in RexTheme WP VR wpvr allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP VR: from n/a through = 8.5.5...
CVE-2025-24730
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RexTheme WP VR wpvr allows DOM-Based XSS.This issue affects WP VR: from n/a through = 8.5.14...
CVE-2025-24730 WordPress WP VR plugin <= 8.5.14 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RexTheme WP VR wpvr allows DOM-Based XSS.This issue affects WP VR: from n/a through = 8.5.14...
CVE-2024-49680
Missing Authorization vulnerability in RexTheme WP VR wpvr allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP VR: from n/a through = 8.5.5...
CVE-2024-49293
Missing Authorization vulnerability in RexTheme WP VR wpvr allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP VR: from n/a through = 8.5.4...
CVE-2024-49293
CVE-2024-49293 corresponds to a Missing Authorization (Broken Access Control) vulnerability in the WordPress WP VR (Rextheme WP VR) plugin, affecting versions up to and including 8.5.4. Public sources provide a CVSS v3.1 base score of 5.4 (Medium) with Network attack vector and Low impact on conf...
CVE-2023-40663
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Rextheme WP VR plugin = 8.3.4 versions...
CVE-2023-40663
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Rextheme WP VR plugin = 8.3.4 versions...
Cross site scripting
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Rextheme WP VR plugin = 8.3.4 versions...
CVE-2023-25708
Cross-Site Request Forgery CSRF vulnerability in Rextheme WP VR – 360 Panorama and Virtual Tour Builder For WordPress plugin = 8.2.7 versions...