4 matches found
CVE-2025-8871
The Everest Forms Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.9.7 via deserialization of untrusted input in the mimecontenttype function. This makes it possible for unauthenticated attackers to inject a PHP Object. This vulnerability may ...
EUVD-2023-53762
Malicious code in bioql PyPI...
CVE-2024-25933
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pepro Dev. Group PeproDev Ultimate Invoice.This issue affects PeproDev Ultimate Invoice: from n/a through 1.9.7...
CVE-2023-49854
Cross-Site Request Forgery CSRF vulnerability in Tribe Interactive Caddy – Smart Side Cart for WooCommerce.This issue affects Caddy – Smart Side Cart for WooCommerce: from n/a through 1.9.7...