38 matches found
EUVD-2026-32516
A cross-site request forgery (CSRF) vulnerability in Jenkins GitHub Integration Plugin 0.7.3 and earlier allows attackers to trigger a build for a pull request...
CVE-2026-48925
A cross-site request forgery (CSRF) vulnerability in Jenkins GitHub Integration Plugin 0.7.3 and earlier allows attackers to trigger a build for a pull request...
CVE-2026-32514
Missing Authorization vulnerability in Anton Voytenko Petitioner petitioner allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Petitioner: from n/a through <= 0.7.3...
CVE-2026-32514 WordPress Petitioner plugin <= 0.7.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Anton Voytenko Petitioner petitioner allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Petitioner: from n/a through <= 0.7.3...
CVE-2026-32514
Missing Authorization vulnerability in Anton Voytenko Petitioner petitioner allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Petitioner: from n/a through <= 0.7.3...
WordPress plugin Petitioner security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
WordPress Petitioner plugin <= 0.7.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Petitioner versions <= 0.7.3...
CVE-2025-49954
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mithra62 WP-Click-Tracker wp-click-track allows Reflected XSS. This issue affects WP-Click-Tracker: from n/a through <= 0.7.3...
WordPress plugin WP-Click-Tracker cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin.... A cross-site...
PT-2025-43215
Name of the Vulnerable Software and Affected Versions: mithra62 WP-Click-Tracker versions through 0.7.3. Description: The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a potential Reflected Cross-site Scripting issue. This could allow an...
EUVD-2011-3318
Malware in sbrugna...
EUVD-2023-1589
Malicious code in bioql PyPI...
WordPress WP-Click-Tracker Plugin <= 0.7.3 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting (XSS) Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin WP-Click-Tracker versions <= 0.7.3...
CVE-2023-2972
Prototype Pollution in GitHub repository antfu/utils prior to 0.7.3...
CVE-2025-30573
CVE-2025-30573 is a stored XSS vulnerability in the WordPress plugin My Default Post Content, arising from improper input neutralization during web page generation. The flaw affects the plugin version range listed as “from n/a through 0.7.3” (i.e., up to and including 0.7.3). The Connected WordF...
WordPress plugin My Default Post Content cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerability...
Template Injection
Overview: spacy-llm is a package for integrating LLMs into structured NLP pipelines. Affected versions of this package are vulnerable to Template Injection via the template field. An attacker can execute arbitrary code by injecting a crafted payload. PoC (python): import spacy nlp = spacy.load("en_core_web_sm") confi...
Rizin operating system command injection vulnerability
Rizin is a free open source reverse engineering framework from the Rizin organization. It is used to analyze binary files, disassemble code, debug programs, as a forensic tool, as a scriptable command-line hex editor capable of opening disk files, and more. An operating system command injection...
BER/CER/DER decoder panics on invalid input
Due to insufficient checking of input data, decoding certain data sequences can lead to bcder panicking rather than returning an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding. bcder 0.7.3 fixes these issues by more...
Code injection
Prototype Pollution in GitHub repository antfu/utils prior to 0.7.3...