20 matches found
EUVD-2025-30660
Malicious code in bioql PyPI...
EUVD-2024-32786
Malicious code in bioql PyPI...
CVE-2025-57994
Authorization Bypass Through User-Controlled Key vulnerability in Sayful Islam Upcoming Events Lists upcoming-events-lists allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Upcoming Events Lists: from n/a through <= 1.4.0...
CVE-2025-57994
Authorization Bypass Through User-Controlled Key vulnerability in Sayful Islam Upcoming Events Lists upcoming-events-lists allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Upcoming Events Lists: from n/a through <= 1.4.0...
PT-2025-38844
Name of the Vulnerable Software and Affected Versions: Sayful Islam Upcoming Events Lists versions through 1.4.0 Description: An authorization bypass exists due to user-controlled keys and incorrectly configured access control security levels in Upcoming Events Lists. This allows for bypassing...
CVE-2024-45270
WordPress plugin "Carousel Slider" provided by Sayful Islam contains a cross-site request forgery vulnerability on Hero image selection feature. While logged in to the WordPress site with Carousel Slider plugin enabled, accessing a crafted page may cause a user to alter the contents of the...
CVE-2024-45270
WordPress plugin "Carousel Slider" provided by Sayful Islam contains a cross-site request forgery vulnerability on Hero image selection feature. While logged in to the WordPress site with Carousel Slider plugin enabled, accessing a crafted page may cause a user to alter the contents of the...
CVE-2024-45269
WordPress plugin "Carousel Slider" provided by Sayful Islam contains a cross-site request forgery vulnerability on Carousel image selection feature. While logged in to the WordPress site with Carousel Slider plugin enabled, accessing a crafted page may cause a user to alter the contents of the...
CVE-2024-45269
WordPress plugin "Carousel Slider" provided by Sayful Islam contains a cross-site request forgery vulnerability on Carousel image selection feature. While logged in to the WordPress site with Carousel Slider plugin enabled, accessing a crafted page may cause a user to alter the contents of the...
CVE-2024-45270
WordPress plugin "Carousel Slider" provided by Sayful Islam contains a cross-site request forgery vulnerability on Hero image selection feature. While logged in to the WordPress site with Carousel Slider plugin enabled, accessing a crafted page may cause a user to alter the contents of the...
CVE-2024-45270
CVE-2024-45270 concerns the WordPress plugin Carousel Slider by Sayful Islam. Public details in the CVE describe a Cross-Site Request Forgery (CSRF) vulnerability in the Hero image selection feature that can, when a site user with the plugin enabled visits a crafted page, cause content changes on...
CVE-2024-45269
CVE-2024-45269: CSRF vulnerability in WordPress Carousel Slider (plugin by Sayful Islam) affecting Carousel Slider
CVE-2024-45269
WordPress plugin "Carousel Slider" provided by Sayful Islam contains a cross-site request forgery vulnerability on Carousel image selection feature. While logged in to the WordPress site with Carousel Slider plugin enabled, accessing a crafted page may cause a user to alter the contents of the...
CVE-2024-45269
WordPress plugin "Carousel Slider" provided by Sayful Islam contains a cross-site request forgery vulnerability on Carousel image selection feature. While logged in to the WordPress site with Carousel Slider plugin enabled, accessing a crafted page may cause a user to alter the contents of the...
PT-2024-31525 · Sayful Islam · Carousel Slider
Name of the Vulnerable Software and Affected Versions: WordPress plugin Carousel Slider affected versions not specified Description: The WordPress plugin Carousel Slider provided by Sayful Islam contains a cross-site request forgery issue on the Hero image selection feature. When a user is logged...
JVN#25264194: Multiple vulnerabilities in WordPress plugin "Carousel Slider"
WordPress plugin "Carousel Slider" provided by Sayful Islam contains 2 CSRF vulnerabilities listed below. Cross-site request forgery on Carousel image selection feature CWE-352 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Base Score 4.3 CVE-2024-45269 Cross-site request forgery on Hero image...
CVE-2024-4234 WordPress Filterable Portfolio plugin <= 1.6.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sayful Islam Filterable Portfolio allows Stored XSS. This issue affects Filterable Portfolio: from n/a through 1.6.4...
CVE-2024-4234
CVE-2024-4234 affects WordPress Filterable Portfolio plugin; stored XSS due to improper input neutralization in web page generation. Affected versions: 1.6.4 and earlier (n/a–1.6.4). Root cause: improper neutralization of inputs leading to stored cross-site scripting. No public details on a fixed...
CVE-2024-4234 WordPress Filterable Portfolio plugin <= 1.6.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sayful Islam Filterable Portfolio allows Stored XSS. This issue affects Filterable Portfolio: from n/a through 1.6.4...
PT-2024-29880 · Unknown · Sayful Islam Filterable Portfolio
Name of the Vulnerable Software and Affected Versions: Sayful Islam Filterable Portfolio versions 1.6.4 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows stored cross-site scripting (XSS). This means that an attacker can injec...