375 matches found
EUVD-2025-31062
Malicious code in bioql PyPI...
EUVD-2025-31207
Malicious code in bioql PyPI...
EUVD-2025-26832
Malicious code in bioql PyPI...
EUVD-2025-26906
Malicious code in bioql PyPI...
EUVD-2025-27039
Malicious code in bioql PyPI...
EUVD-2024-40610
Malicious code in bioql PyPI...
EUVD-2025-6150
Malicious code in bioql PyPI...
CVE-2025-57328
toggle-array is a package designed to enables a property on the object at the specified index, while disabling the property on all other objects. A Prototype Pollution vulnerability in the enable and disable function of toggle-array v1.0.1 and before allows attackers to inject properties on...
CVE-2025-10377
The System Dashboard plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.8.20. This is due to missing nonce validation on the sdtogglelogs function. This makes it possible for unauthenticated attackers to toggle critical logging settings...
WordPress plugin System Dashboard 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...
PT-2025-39486
Name of the Vulnerable Software and Affected Versions System Dashboard plugin for WordPress versions prior to 2.8.21 Description The System Dashboard plugin for WordPress is susceptible to Cross-Site Request Forgery CSRF. This is caused by a lack of nonce validation in the sd toggle logs function...
PT-2025-39684
🔴 https://t.co/GlL5deDG8n toggle-array Prototype Pollution Vulnerability CVE-2025-42505 Low Severity...
4d-oled (>=1.0.0 <=1.0.2), @abb92/holidates (>=1.0.0 <=1.0.1) +972 more potentially affected by CVE-2025-57328 via toggle-array (>=0.1.0 <=1.0.1)
toggle-array NPM version =0.1.0, =1.0.0, =1.0.0, =5.0.0, =4.0.2, =0.0.0-snapshot-ZERO-3343-20250425065225, =0.8.1-beta.2, =0.1.0, =0.1.1-a, =1.0.0, =0.1.0, =1.0.0, =1.0.0, =1.11.0 and more Source cves: CVE-2025-57328 Source advisory: OSV:GHSA-34Q3-8X9V-J957...
4d-oled (>=1.0.0 <=1.0.2), @abb92/holidates (>=1.0.0 <=1.0.1) +972 more potentially affected by CVE-2025-57328 via toggle-array (>=0.1.0 <=1.0.1)
toggle-array NPM version =0.1.0, =1.0.0, =1.0.0, =5.0.0, =4.0.2, =0.0.0-snapshot-ZERO-3343-20250425065225, =0.8.1-beta.2, =0.1.0, =0.1.1-a, =1.0.0, =0.1.0, =1.0.0, =1.0.0, =1.11.0 and more Source cves: CVE-2025-57328 Source advisory: SNYK:JS-TOGGLEARRAY-13110016...
Prototype Pollution
Overview toggle-array is an In an array of objects, this enables a property on the object at the specified index, while disabling the property on all other objects. Affected versions of this package are vulnerable to Prototype Pollution via the enable and disable functions. An attacker can modify...
toggle-array vulnerable to prototype pollution
toggle-array is a package designed to enables a property on the object at the specified index, while disabling the property on all other objects. A Prototype Pollution vulnerability in the enable and disable function of toggle-array v1.0.1 and before allows attackers to inject properties on...
GHSA-34Q3-8X9V-J957 toggle-array vulnerable to prototype pollution
toggle-array is a package designed to enables a property on the object at the specified index, while disabling the property on all other objects. A Prototype Pollution vulnerability in the enable and disable function of toggle-array v1.0.1 and before allows attackers to inject properties on...
CVE-2025-57328
toggle-array is a package designed to enables a property on the object at the specified index, while disabling the property on all other objects. A Prototype Pollution vulnerability in the enable and disable function of toggle-array v1.0.1 and before allows attackers to inject properties on...
CVE-2025-57328
toggle-array is a package designed to enables a property on the object at the specified index, while disabling the property on all other objects. A Prototype Pollution vulnerability in the enable and disable function of toggle-array v1.0.1 and before allows attackers to inject properties on...
toggle-array 安全漏洞
toggle-array is a js library by the individual developer Jon Schlinkert. A security vulnerability exists in toggle-array 1.0.1 and earlier versions, which stems from prototype contamination in the enable and disable functions, which could lead to a denial of service attack...