WordPress Simple Giveaways <2.36.2 - Cross-Site Scripting

WordPress Simple Giveaways plugin before 2.36.2 contains a cross-site scripting vulnerability via the method and share GET parameters of the Giveaway pages, which are not sanitized, validated, or escaped before being output back in the pages. id: CVE-2021-24298 info: name: WordPress Simple...

CVE-2023-31086

Cross-Site Request Forgery CSRF vulnerability in Igor Benic Simple Giveaways – Grow your business, email lists and traffic with contests plugin = 2.46.0 versions...

EUVD-2023-27976

Malicious code in bioql PyPI...

EUVD-2023-35415

Malicious code in bioql PyPI...

EUVD-2025-13771

Malicious code in bioql PyPI...

EUVD-2025-8359

Malicious code in bioql PyPI...

EUVD-2023-23403

Malicious code in bioql PyPI...

CVE-2023-1120

The Simple Giveaways WordPress plugin before 2.45.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2023-23893

Missing Authorization vulnerability in Igor Benic Simple Giveaways allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Giveaways: from n/a through 2.48.0...

CVE-2023-1122

The Simple Giveaways WordPress plugin before 2.45.1 does not sanitise and escape some of its Giveaways options, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2023-1121

The Simple Giveaways WordPress plugin before 2.45.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2025-47606

Cross-Site Request Forgery CSRF vulnerability in Igor Benic Simple Giveaways giveasap allows Cross Site Request Forgery.This issue affects Simple Giveaways: from n/a through = 2.49.0...

CVE-2025-47606

Cross-Site Request Forgery CSRF vulnerability in Igor Benic Simple Giveaways giveasap allows Cross Site Request Forgery.This issue affects Simple Giveaways: from n/a through = 2.49.0...

WordPress Simple Giveaways plugin <= 2.49.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin Simple Giveaways versions = 2.49.0...

CVE-2025-47606 WordPress Simple Giveaways <= 2.48.2 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Igor Benic Simple Giveaways allows Cross Site Request Forgery. This issue affects Simple Giveaways: from n/a through 2.48.2...

CVE-2025-47606

CVE-2025-47606 affects the WordPress plugin Simple Giveaways. The issue is a Cross-Site Request Forgery (CSRF) vulnerability in versions n/a through 2.48.2, enabling an attacker to perform actions on behalf of an authenticated user. The vulnerability is reflected in CVSS v3.1 metrics with a base ...

WordPress plugin Simple Giveaways 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

PT-2025-20178 · Unknown · Igor Benic Simple Giveaways

Name of the Vulnerable Software and Affected Versions: Igor Benic Simple Giveaways versions n/a through 2.48.2 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's account. Recommendations: For versions n/a...

CVE-2025-30819

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Igor Benic Simple Giveaways giveasap allows SQL Injection.This issue affects Simple Giveaways: from n/a through = 2.48.1...

CVE-2025-30819

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Igor Benic Simple Giveaways giveasap allows SQL Injection.This issue affects Simple Giveaways: from n/a through = 2.48.1...