36 matches found
CVE-2025-53237
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Soflyy WP Wizard Cloak wp-wizard-cloak allows Reflected XSS.This issue affects WP Wizard Cloak: from n/a through = 1.0.1...
PT-2026-21038
Name of the Vulnerable Software and Affected Versions Soflyy WP Wizard Cloak versions through 1.0.1 Description The software contains a flaw related to improper input handling during web page generation, specifically a Reflected Cross-Site Scripting XSS issue. This allows for the injection of...
EUVD-2025-24755
Malicious code in bioql PyPI...
EUVD-2024-29797
Malicious code in bioql PyPI...
EUVD-2022-39099
Malicious code in bioql PyPI...
EUVD-2022-49622
Malicious code in bioql PyPI...
EUVD-2024-29286
Malicious code in bioql PyPI...
EUVD-2024-29276
Malicious code in bioql PyPI...
CVE-2025-49038
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Soflyy WP Dynamic Links wp-dynamic-links allows Reflected XSS.This issue affects WP Dynamic Links: from n/a through = 1.0.1...
CVE-2025-49038
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Soflyy WP Dynamic Links wp-dynamic-links allows Reflected XSS.This issue affects WP Dynamic Links: from n/a through = 1.0.1...
PT-2025-33178 · WordPress · Soflyy Wp Dynamic Links
Name of the Vulnerable Software and Affected Versions: Soflyy WP Dynamic Links versions through 1.0.1 Description: Improper neutralization of input during web page generation allows reflected cross-site scripting XSS. Recommendations: Update to a version later than 1.0.1...
CVE-2022-46841
Cross-Site Request Forgery CSRF vulnerability in Soflyy Oxygen Builder plugin = 4.4 versions...
CVE-2024-31380
Improper Control of Generation of Code 'Code Injection' vulnerability in Soflyy Oxygen Builder allows Code Injection. Vendor is ignoring report, refuses to patch the issue.This issue affects Oxygen Builder: from n/a through 4.9...
CVE-2024-31939
Cross-Site Request Forgery CSRF vulnerability in Soflyy Import any XML or CSV File to WordPress.This issue affects Import any XML or CSV File to WordPress: from n/a through 3.7.3...
CVE-2024-31939
CVE-2024-31939 : CSRF vulnerability in the WordPress plugin “Import any XML or CSV File to WordPress” (Soflyy WP All Import) affecting versions up to 3.7.3. Public data indicates a CSRF flaw that can be triggered with user interaction and has network access implications, with no explicit remediat...
CVE-2024-31939 WordPress Import any XML or CSV File to WordPress plugin <= 3.7.3 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Soflyy Import any XML or CSV File to WordPress.This issue affects Import any XML or CSV File to WordPress: from n/a through 3.7.3...
CVE-2024-31939 WordPress Import any XML or CSV File to WordPress plugin <= 3.7.3 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Soflyy Import any XML or CSV File to WordPress.This issue affects Import any XML or CSV File to WordPress: from n/a through 3.7.3...
CVE-2024-31390
: Improper Control of Generation of Code 'Code Injection' vulnerability in Soflyy Breakdance allows : Code Injection.This issue affects Breakdance: from n/a through 1.7.2...
CVE-2024-31380
Improper Control of Generation of Code 'Code Injection' vulnerability in Soflyy Oxygen Builder allows Code Injection. Vendor is ignoring report, refuses to patch the issue.This issue affects Oxygen Builder: from n/a through 4.9...
CVE-2024-31380
CVE-2024-31380 affects Soflyy Oxygen Builder (WordPress Oxygen Plugin) versions prior to 4.9. The vulnerability is Improper Control of Generation of Code (Code Injection) which enables remote code execution. The issue is linked to authenticated remote code execution in Oxygen Builder = 4.9) or ap...