EUVD-2025-17501

Malicious code in bioql PyPI...

EUVD-2025-15476

Malicious code in bioql PyPI...

CVE-2025-31426

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Sticky Radio Player lbg-audio5-html5-shoutcaststicky allows Reflected XSS.This issue affects Sticky Radio Player: from n/a through = 3.4...

CVE-2025-31426

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Sticky Radio Player lbg-audio5-html5-shoutcaststicky allows Reflected XSS.This issue affects Sticky Radio Player: from n/a through = 3.4...

CVE-2025-31426 WordPress Sticky Radio Player plugin <= 3.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Sticky Radio Player lbg-audio5-html5-shoutcaststicky allows Reflected XSS.This issue affects Sticky Radio Player: from n/a through = 3.4...

CVE-2025-31426 WordPress Sticky Radio Player plugin <= 3.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Sticky Radio Player allows Reflected XSS. This issue affects Sticky Radio Player: from n/a through 3.4...

CVE-2025-31426

CVE-2025-31426 describes a Reflected Cross-Site Scripting vulnerability in the WordPress plugin Sticky Radio Player by LambertGroup. The issue is caused by improper neutralization of input during web page generation, leading to potential script execution in the context of a user’s browser. Affect...

WordPress plugin Sticky Radio Player 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Sticky Radio Player plugin <= 3.4 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao KhanhVCI - VNPT in WordPress Plugin Sticky Radio Player versions = 3.4...

CVE-2025-31926

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup Sticky Radio Player lbg-audio5-html5-shoutcaststicky allows SQL Injection.This issue affects Sticky Radio Player: from n/a through = 3.4...

CVE-2025-31926

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup Sticky Radio Player lbg-audio5-html5-shoutcaststicky allows SQL Injection.This issue affects Sticky Radio Player: from n/a through = 3.4...

CVE-2025-31926

CVE-2025-31926 : LambertGroup Sticky Radio Player for WordPress (vulnerable up to 3.4) suffers an SQL Injection due to improper neutralization of input elements. According to the sources, the CVSS v3.1 base score is 8.5 (HIGH) with Network attack vector, LOW attack complexity, and LOW privileges ...

CVE-2025-31926 WordPress Sticky Radio Player plugin <= 3.4 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup Sticky Radio Player lbg-audio5-html5-shoutcaststicky allows SQL Injection.This issue affects Sticky Radio Player: from n/a through = 3.4...

WordPress plugin Sticky Radio Player SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

PT-2025-21682 · Unknown · Lambertgroup Sticky Radio Player

Name of the Vulnerable Software and Affected Versions: LambertGroup Sticky Radio Player versions n/a through 3.4 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...