EUVD-2025-27520

Malicious code in bioql PyPI...

EUVD-2022-40668

Malicious code in bioql PyPI...

CVE-2025-1506

CVE-2025-1506 documents confirm a Cross-Site Forgery (CSRF) vulnerability in the WordPress plugin “Wp Social Login and Register Social Counter” up to version 3.1.0. The root cause is missing or incorrect nonce validation on the counter_access_key_setup() function, enabling unauthenticated attacke...

WordPress Wechat Social login Plugin <= 1.3.0 is vulnerable to Broken Authentication

Software Wechat Social login Type Plugin Vulnerable versions = 1.3.0 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-9106 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 26efb59ee707 Credits Istvá...

CVE-2024-6637

CVE-2024-6637 describes an unauthenticated privilege-escalation in the WordPress plugin WooCommerce - Social Login (versions up to 2.7.3) due to lack of brute-force controls on a weak one-time password. Exploitation status is not indicated; the CVSS base score is 7.3 (HIGH) with NETWORK attack ve...

WordPress WooCommerce Social Login plugin <= 2.6.2 - Unauthenticated PHP Object Injection vulnerability

Unauthenticated PHP Object Injection vulnerability discovered by István Márton in WordPress Plugin WooCommerce Social Login versions = 2.6.2...

WordPress Plugin Social Share, Social Login and Social Comments Plugin 安全漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in the WordPress Plugin Social Share, Social Login and...

CVE-2023-34023

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Miled WordPress Social Login plugin = 3.0.4 versions...

CVE-2023-34172

CVE-2023-34172 describes an authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in the WordPress plugin WordPress Social Login (Miled WordPress Social Login) up to version ≤ 3.0.4. Root cause: stored XSS likely via admin-accessible vector in the plugin. Impact: local XSS could ...

CVE-2022-38063

Cross-Site Request Forgery CSRF vulnerability in Social Login WP plugin = 5.0.0.0 versions...

CVE-2022-38063 WordPress Social Login WP Plugin <= 5.0.0.0 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Social Login WP plugin = 5.0.0.0 versions...

PT-2023-13579 · WordPress · Social Login

Name of the Vulnerable Software and Affected Versions: Social Login WP plugin versions = 5.0.0.0 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web...

WordPress social-login-bws plugin cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. social-login-bws plugin is a social networking site login plugin used in it. A cross-site scripting vulnerability exists in WordPress...

CVE-2014-4576

Cross-site scripting XSS vulnerability in services/diagnostics.php in the WordPress Social Login plugin 2.0.3 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the xhrurl parameter...