192 matches found
CVE-2026-40778 WordPress Majestic Support plugin <= 1.1.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in Majestic Support Majestic Support majestic-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Majestic Support: from n/a through = 1.1.2...
PT-2026-31110
Name of the Vulnerable Software and Affected Versions The Awesome Support – WordPress HelpDesk & Support Plugin versions up to and including 6.3.7 Description The Awesome Support – WordPress HelpDesk & Support Plugin is susceptible to an Insecure Direct Object Reference issue. The wpas get ticket...
WordPress GDPR CCPA Compliance Support plugin <= 2.7.4 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin GDPR CCPA Compliance Support versions = 2.7.4...
WordPress Awesome Support - WordPress HelpDesk & Support Plugin plugin <= 6.3.6 - Missing Authorization to Unauthenticated Role Demotion vulnerability
WordPress Awesome Support - WordPress HelpDesk & Support Plugin plugin = 6.3.6 - Missing Authorization to Unauthenticated Role Demotion vulnerability discovered by shark3y in WordPress Plugin Awesome Support versions = 6.3.6...
WordPress CITS Support svg, webp Media and TTF,OTF File Upload, Use Custom Fonts plugin <= 4.2 - Cross-Site Request Forgery to Settings Update vulnerability
Cross-Site Request Forgery to Settings Update vulnerability discovered by luckybuddy in WordPress Plugin cits-support-svg-webp-media-upload versions = 4.2...
CVE-2025-13660
The Guest Support plugin for WordPress is vulnerable to User Email Disclosure in versions up to, and including, 1.2.3. This is due to the plugin exposing a public AJAX endpoint that allows anyone to search for and retrieve user email addresses without any authentication or capability checks. This...
EUVD-2025-203061
The Guest Support plugin for WordPress is vulnerable to User Email Disclosure in versions up to, and including, 1.2.3. This is due to the plugin exposing a public AJAX endpoint that allows anyone to search for and retrieve user email addresses without any authentication or capability checks. This...
CVE-2025-13660
The Guest Support plugin for WordPress is vulnerable to User Email Disclosure in versions up to, and including, 1.2.3. This is due to the plugin exposing a public AJAX endpoint that allows anyone to search for and retrieve user email addresses without any authentication or capability checks. This...
CVE-2025-13660 Guest Support <= 1.2.3 - Unauthenticated User Email Disclosure in guest_support_handler AJAX Endpoint
The Guest Support plugin for WordPress is vulnerable to User Email Disclosure in versions up to, and including, 1.2.3. This is due to the plugin exposing a public AJAX endpoint that allows anyone to search for and retrieve user email addresses without any authentication or capability checks. This...
CVE-2025-13660
CVE-2025-13660 (Guest Support, WordPress): The vulnerability is an unauthenticated User Email Disclosure in versions up to and including 1.2.3. An exposed AJAX endpoint (guest_support_handler=ajax) allows arbitrary querying of users (request=get_users) without authentication or capability checks,...
EUVD-2015-0486
Malware in sbrugna...
EUVD-2015-9158
Malware in sbrugna...
EUVD-2017-9623
Malware in sbrugna...
EUVD-2023-57772
Malicious code in bioql PyPI...
EUVD-2022-0841
Malicious code in bioql PyPI...
EUVD-2022-2602
Malicious code in bioql PyPI...
EUVD-2022-3275
Malicious code in bioql PyPI...
EUVD-2025-4523
Malicious code in bioql PyPI...
EUVD-2022-34813
Malicious code in bioql PyPI...
EUVD-2025-8073
Malicious code in bioql PyPI...