CVE-2025-68515

CVE-2025-68515 affects the WordPress plugin WP Booking System (Roland Murg) up to version 2.0.19.12. The issue is an information disclosure flaw caused by insertion of sensitive data into sent data, enabling retrieval of embedded sensitive data. There is no explicit exploitation status in the pro...

CVE-2025-68515 WordPress WP Booking System plugin <= 2.0.19.12 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Roland Murg WP Booking System wp-booking-system allows Retrieve Embedded Sensitive Data.This issue affects WP Booking System: from n/a through = 2.0.19.12...

WordPress WP Booking System plugin <= 2.0.19.12 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by benzdeus in WordPress Plugin WP Booking System versions = 2.0.19.12...

WordPress plugin WP Attractive Donations System - Easy Stripe & Paypal donations 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugin WP...

CVE-2025-62740 WordPress WP-CRM System plugin <= 3.4.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in Mario Peshev WP-CRM System wp-crm-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-CRM System: from n/a through = 3.4.6...

WordPress WP-CRM System plugin <= 3.4.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin WP-CRM System versions = 3.4.5...

EUVD-2017-9704

Malware in sbrugna...

EUVD-2024-51564

Malicious code in bioql PyPI...

EUVD-2022-2330

Malicious code in bioql PyPI...

CVE-2025-53584 WordPress WP Ticket Customer Service Software & Support Ticket System Plugin <= 6.0.2 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in emarket-design WP Ticket Customer Service Software & Support Ticket System wp-ticket allows Object Injection.This issue affects WP Ticket Customer Service Software & Support Ticket System: from n/a through = 6.0.2...

CVE-2025-53584 WordPress WP Ticket Customer Service Software & Support Ticket System Plugin <= 6.0.2 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in emarket-design WP Ticket Customer Service Software & Support Ticket System allows Object Injection. This issue affects WP Ticket Customer Service Software & Support Ticket System: from n/a through 6.0.2...

WordPress Service Finder SMS System plugin elevation of privilege vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. An elevation of privilege vulnerability exists in the WordPress Service Finder SMS System plugin that originates from an account takeover and can be exploited by an attacker to...

WordPress plugin Hospital Management System 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on PHP and MySQL servers.WordPress plugin is an...

WordPress plugin Hospital Management System SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

CVE-2024-10441

Improper encoding or escaping of output vulnerability in the system plugin daemon in Synology BeeStation OS BSM before 1.1-65374 and Synology DiskStation Manager DSM before 7.2-64570-4, 7.2.1-69057-6 and 7.2.2-72806-1 allows remote attackers to execute arbitrary code via unspecified vectors...

CVE-2024-10441

CVE-2024-10441 affects Synology BeeStation OS (BSM) and DiskStation Manager (DSM). The vulnerability is described as an improper encoding or escaping of output in the system plugin daemon, affecting BSM &lt;= 1.1-65374 and DSM

CVE-2024-10441

Improper encoding or escaping of output vulnerability in the system plugin daemon in Synology BeeStation OS BSM before 1.1-65374 and Synology DiskStation Manager DSM before 7.2-64570-4, 7.2.1-69057-6 and 7.2.2-72806-1 allows remote attackers to execute arbitrary code via unspecified vectors...

CVE-2024-13375

The Adifier System plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.1.7. This is due to the plugin not properly validating a user's identity prior to updating their details like password through the adifierrecover function. Th...

CVE-2024-13375

The Adifier System plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.1.7. This is due to the plugin not properly validating a user's identity prior to updating their details like password through the adifierrecover function. Th...

CVE-2024-13375

CVE-2024-13375 concerns the Adifier System plugin for WordPress. Vulnerability: unauthenticated attackers can escalate privileges by taking over accounts (including administrators) via adifier_recover(), exploiting insufficient identity validation when updating passwords. Affected versions: all u...