22 matches found
EUVD-2024-35400
Malicious code in bioql PyPI...
EUVD-2025-10657
Malicious code in bioql PyPI...
EUVD-2024-49210
Malicious code in bioql PyPI...
CVE-2024-35639
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Webliberty Simple Spoiler simple-spoiler.This issue affects Simple Spoiler: from n/a through = 1.2...
CVE-2025-31020
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Webliberty Simple Spoiler simple-spoiler allows Stored XSS.This issue affects Simple Spoiler: from n/a through = 1.4...
WordPress Simple Spoiler plugin <= 1.4 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Simple Spoiler versions = 1.4...
CVE-2025-31020
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Webliberty Simple Spoiler simple-spoiler allows Stored XSS.This issue affects Simple Spoiler: from n/a through = 1.4...
CVE-2025-31020
CVE-2025-31020 – Stored XSS in Simple Spoiler (WordPress plugin) . The vulnerability arises from improper input neutralization during web page generation, enabling stored cross-site scripting when users submit content that is rendered by the Simple Spoiler plugin. Affected software is listed as S...
CVE-2025-31020 WordPress Simple Spoiler plugin <= 1.4 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Webliberty Simple Spoiler simple-spoiler allows Stored XSS.This issue affects Simple Spoiler: from n/a through = 1.4...
CVE-2025-31020 WordPress Simple Spoiler plugin <= 1.4 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Webliberty Simple Spoiler simple-spoiler allows Stored XSS.This issue affects Simple Spoiler: from n/a through = 1.4...
WordPress plugin Simple Spoiler 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-15728 · Unknown · Webliberty Simple Spoiler
Name of the Vulnerable Software and Affected Versions: Webliberty Simple Spoiler versions n/a through 1.4 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting', which allows Stored XSS. This means that an attacker ca...
WordPress Simple Spoiler Plugin <= 1.3 is vulnerable to Broken Access Control
Software Simple Spoiler Type Plugin Vulnerable versions = 1.3 Fixed in 1.4 OWASP Top 10 A3: Injection Classification Broken Access Control CVE CVE-2024-8479 Patch priority Medium CVSS severity Medium 7.3 Developer Claim ownership PSID 5815e2232ebe Credits Francesco Carlucci Required privilege...
CVE-2024-8479
The The Simple Spoiler plugin for WordPress is vulnerable to arbitrary shortcode execution in versions 1.2 to 1.3. This is due to the plugin adding the filter addfilter'commenttext', 'doshortcode'; which will run all shortcodes in comments. This makes it possible for unauthenticated attackers to...
CVE-2024-8479
The The Simple Spoiler plugin for WordPress is vulnerable to arbitrary shortcode execution in versions 1.2 to 1.3. This is due to the plugin adding the filter addfilter'commenttext', 'doshortcode'; which will run all shortcodes in comments. This makes it possible for unauthenticated attackers to...
CVE-2024-8479
CVE-2024-8479 affects the WordPress plugin Simple Spoiler (versions 1.2–1.3). The vulnerability stems from the plugin adding the filter add_filter('comment_text','do_shortcode'), which causes all shortcodes in comments to be executed. This enables unauthenticated attackers to run arbitrary shortc...
WordPress plugin The Simple Spoiler 代码注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code injection vulnerability exists...
PT-2024-39045 · WordPress · Simple Spoiler
Name of the Vulnerable Software and Affected Versions: The Simple Spoiler plugin for WordPress versions 1.2 to 1.3 Description: The issue is due to the plugin adding the filter add filter'comment text','do shortcode', which runs all shortcodes in comments. This allows unauthenticated attackers to...
CVE-2024-35639
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Webliberty Simple Spoiler simple-spoiler.This issue affects Simple Spoiler: from n/a through = 1.2...
CVE-2024-35639 WordPress Simple Spoiler plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Webliberty Simple Spoiler simple-spoiler.This issue affects Simple Spoiler: from n/a through = 1.2...