1408 matches found
EUVD-2023-12167
Malicious code in bioql PyPI...
EUVD-2022-52000
Malicious code in bioql PyPI...
EUVD-2022-52055
Malicious code in bioql PyPI...
EUVD-2022-52006
Malicious code in bioql PyPI...
EUVD-2022-52080
Malicious code in bioql PyPI...
EUVD-2022-51997
Malicious code in bioql PyPI...
EUVD-2022-51985
Malicious code in bioql PyPI...
EUVD-2022-52102
Malicious code in bioql PyPI...
EUVD-2025-26705
Malicious code in bioql PyPI...
EUVD-2022-52063
Malicious code in bioql PyPI...
EUVD-2022-52084
Malicious code in bioql PyPI...
EUVD-2022-43314
Malicious code in bioql PyPI...
EUVD-2022-52003
Malicious code in bioql PyPI...
CVE-2025-10131 All Social Share Options <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The All Social Share Options plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sc' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
WordPress plugin Evenium 跨站脚本漏洞
The Evenium plugin is an event management tool for the WordPress platform for creating and integrating Evenium meeting management features. Evenium plugin version 1.3.11 and prior versions suffer from a stored XSS vulnerability that stems from insufficient filtering of shortcode user input...
CVE-2025-9058
The Mikado Core plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 1.5.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-leve...
CVE-2025-9519
The Easy Timer plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.2.1 via the plugin's shortcodes. This is due to insufficient restriction of shortcode attributes. This makes it possible for authenticated attackers, with Editor-level access and...
CVE-2025-8622
The Flexible Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Flexible Maps shortcode in all versions up to, and including, 1.18.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2025-7649
The Surbma | Recent Comments Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'recent-comments' shortcode in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2025-7649 Surbma | Recent Comments Shortcode <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Surbma | Recent Comments Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'recent-comments' shortcode in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...