29 matches found
EUVD-2024-50606
Malicious code in bioql PyPI...
EUVD-2023-37384
Malicious code in bioql PyPI...
EUVD-2025-18869
Malicious code in bioql PyPI...
CVE-2025-52920
Innoshop (v0.4.1 and earlier) is affected by an IDOR vulnerability in the frontend store. The issue allows disclosure of other customers’ PII and deletion of their product reviews by manipulating IDs in endpoints such as /en/account/orders/{ORDER_ID} and /en/account/reviews/{REVIEW_ID}, or by alt...
CVE-2023-33214
Cross-Site Request Forgery CSRF vulnerability in Tagbox Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics.This issue affects Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics: from n/a through 3.1...
CVE-2024-12113
The Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the deleteuserreview and deletereview functions in all versions up to, and including, 1.3.2. This...
CVE-2024-50945
An improper access control vulnerability exists in SimplCommerce at commit 230310c8d7a0408569b292c5a805c459d47a1d8f, allowing users to submit reviews without verifying if they have purchased the product...
Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics < 3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2024-32552 WordPress Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics plugin <= 3.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tagbox Taggbox allows Stored XSS.This issue affects Taggbox: from n/a through 3.2...
CVE-2024-32552 WordPress Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics plugin <= 3.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tagbox Taggbox allows Stored XSS.This issue affects Taggbox: from n/a through 3.2...
WordPress Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics plugin <= 3.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Taggbox versions = 3.2...
CVE-2023-52225
Deserialization of Untrusted Data vulnerability in Tagbox Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics.This issue affects Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics: from n/a through 3.1...
Deserialization of untrusted data
Deserialization of Untrusted Data vulnerability in Tagbox Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics.This issue affects Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics: from n/a through 3.1...
CVE-2023-52225
CVE-2023-52225 describes a deserialization of untrusted data vulnerability in the WordPress plugin Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics . Affected versions are listed as up to version 3.1 (n/a to 3.1); the root cause is improper deserialization of untrusted input...
PT-2024-14489 · Unknown · Tagbox – Ugc Galleries
Name of the Vulnerable Software and Affected Versions: Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics versions n/a through 3.1 Description: The issue is related to Deserialization of Untrusted Data, which affects Tagbox – UGC Galleries, Social Media Widgets, User Reviews &...
CVE-2023-33214
Cross-Site Request Forgery CSRF vulnerability in Tagbox Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics.This issue affects Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics: from n/a through 3.1...
CVE-2023-33214
Cross-Site Request Forgery CSRF vulnerability in Tagbox Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics.This issue affects Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics: from n/a through 3.1...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Tagbox Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics.This issue affects Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics: from n/a through 3.1...
CVE-2023-33214
CVE-2023-33214 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the WordPress Taggbox widget/plugin (Taggbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics). Public records tie this to the Taggbox WordPress plugin, with vulnerable versions cited as up to and includi...
CVE-2023-33214 WordPress Taggbox Plugin <= 3.1 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Tagbox Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics.This issue affects Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics: from n/a through 3.1...