403 matches found
CVE-2025-63317
Todoist v8896 is vulnerable to Cross Site Scripting XSS in /api/v1/uploads. Uploaded SVG files have no sanitization applied, so embedded JavaScript executes when a user opens the attachment from a task/comment...
CVE-2025-12163
The Omnipress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to...
CVE-2025-63317
Todoist v8896 is vulnerable to Cross Site Scripting XSS in /api/v1/uploads. Uploaded SVG files have no sanitization applied, so embedded JavaScript executes when a user opens the attachment from a task/comment...
CVE-2025-11682
The CVE-2025-11682 issue affects Perx Customer Engagement & Loyalty Platform, specifically the LMT Dashboard, with versions prior to 4.617.4. Root cause: improper sanitization of uploaded SVGs, allowing an authenticated attacker to upload a malicious SVG to a campaign. When other users view the i...
CVE-2025-10700
The Ally – Web Accessibility & Usability plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.8.0. This is due to missing or incorrect nonce validation on the enableunfilteredfilesupload function. This makes it possible for unauthenticated...
EUVD-2016-7732
Malware in sbrugna...
EUVD-2021-14336
Malware in sbrugna...
EUVD-2015-3027
Malware in sbrugna...
EUVD-2014-3694
Malware in sbrugna...
EUVD-2021-25630
Malware in sbrugna...
EUVD-2011-3114
Malware in sbrugna...
EUVD-2012-2240
Malware in sbrugna...
EUVD-2020-26966
Malware in sbrugna...
EUVD-2020-23507
Malware in sbrugna...
EUVD-2021-0117
Malware in sbrugna...
EUVD-2014-4392
Malware in sbrugna...
EUVD-2020-12592
Malware in sbrugna...
EUVD-2014-3178
Malware in sbrugna...
EUVD-2016-7097
Malware in sbrugna...
EUVD-2020-5421
Malware in sbrugna...