EUVD-2024-32456

Malicious code in bioql PyPI...

EUVD-2025-15098

Malicious code in bioql PyPI...

EUVD-2024-32386

Malicious code in bioql PyPI...

CVE-2024-3886

The tagDiv Composer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘envatocode’ parameter in all versions up to, and including, 5.0 due to insufficient input sanitization and output escaping within the onajaxcheckenvatocode function. This makes it possible for...

CVE-2024-5212

The tagDiv Composer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘envatocode’ parameter in all versions up to, and including, 5.0 due to insufficient input sanitization and output escaping within the onajaxregisterforumuser function. This makes it possible for...

CVE-2024-3814

The tagDiv Composer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'single' module in all versions up to, and including, 4.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2025-3510

The tagDiv Composer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcodes in all versions up to, and including, 5.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with...

CVE-2024-13645

CVE-2024-13645 affects the WordPress tagging plugin TagDiv Composer (all versions up to and including 5.3). It describes PHP Object Instantiation via a module parameter, enabling unauthenticated object instantiation. The impact is conditional on a POP chain being present in the target environment...

CVE-2025-2804

The tagDiv Composer plugin for WordPress, used by the Newspaper theme, is vulnerable to Reflected Cross-Site Scripting via the 'accountid' and 'accountusername' parameters in all versions up to, and including, 5.3 due to insufficient input sanitization and output escaping. This makes it possible...

CVE-2025-2804

Technical details about CVE-2025-2804 are not publicly provided in the connected documents. The initial description mentions Reflected XSS in tagDiv Composer for WordPress (accounts) but lacks specifics on affected versions, impact, or fixes; monitor for official advisories and patch information.

The vulnerability of the tagDiv Composer Plugin, a plugin for WordPress content management systems, allows attackers to carry out cross-site scripting attacks.

The vulnerability of the tagDiv Composer Plugin of the WordPress content management system exists because measures to neutralize special elements have not been taken. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks...

PT-2023-7564

Name of the Vulnerable Software and Affected Versions tagDiv Composer Plugin versions prior to 4.2 Description The issue exists due to the lack of proper validation and escaping of certain parameters, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks. This is...