CVE-2025-66062

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Frank Goossens WP YouTube Lyte wp-youtube-lyte allows Phishing.This issue affects WP YouTube Lyte: from n/a through = 1.7.28...

CVE-2025-66062 WordPress WP YouTube Lyte plugin <= 1.7.28 - Open Redirection vulnerability

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Frank Goossens WP YouTube Lyte wp-youtube-lyte allows Phishing.This issue affects WP YouTube Lyte: from n/a through = 1.7.28...

WordPress plugin WP YouTube Lyte 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

WordPress WP YouTube Lyte plugin <= 1.7.28 - Open Redirection vulnerability

Open Redirection vulnerability discovered by Nabil Irawan in WordPress Plugin WP YouTube Lyte versions = 1.7.28...

CVE-2025-64329

containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks. This issue is...

CVE-2025-64106 Cursor: Speedbump Modal Bypass in MCP Server Deep-Link

Cursor is a code editor built for programming with AI. In versions 1.7.28 and below, an input validation flaw in Cursor's MCP server installation enables specially crafted deep-links to bypass the standard security warnings and conceal executed commands from users if they choose to accept the...

PT-2025-45060

Name of the Vulnerable Software and Affected Versions Cursor versions 1.7.28 and below Description Cursor is a code editor designed for programming with AI. An input validation issue within Cursor’s MCP server installation allows maliciously crafted deep-links to circumvent standard security...

EUVD-2021-2300

Malware in sbrugna...

EUVD-2024-42918

Malicious code in bioql PyPI...

EUVD-2022-0492

Malicious code in bioql PyPI...

CVE-2024-48046

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in supsystic Contact Form by Supsystic contact-form-by-supsystic allows Stored XSS.This issue affects Contact Form by Supsystic: from n/a through = 1.7.28...

CVE-2024-43230

Insertion of Sensitive Information Into Sent Data vulnerability in Anssi Laitila Shared Files shared-files.This issue affects Shared Files: from n/a through = 1.7.28...

PT-2024-32965 · Supsystic · Contact Form By Supsystic

Name of the Vulnerable Software and Affected Versions: Contact Form by Supsystic versions 1.7.28 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendation...

PT-2024-32961

Name of the Vulnerable Software and Affected Versions Supsystic Contact Form versions 1.7.28 and earlier Description The issue is related to an Improper Neutralization of Special Elements Used in a Template Engine vulnerability, which allows Command Injection. This can lead to potential cyber...

WordPress Contact Form by Supsystic plugin <= 1.7.28 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by UKO Patchstack Alliance in WordPress Plugin Contact Form by Supsystic versions = 1.7.28...

WordPress Contact Form by Supsystic Plugin <= 1.7.28 is vulnerable to Cross Site Scripting (XSS)

Software Contact Form by Supsystic Type Plugin Vulnerable versions = 1.7.28 Fixed in 1.7.29 OWASP Top 10 A4: Insecure Design Classification Cross Site Scripting XSS CVE CVE-2024-48046 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID cce1073296d4 Credits UKO Required privile...

WordPress Contact Form by Supsystic plugin <= 1.7.28 - Remote Code Execution (RCE) vulnerability

Remote Code Execution RCE vulnerability discovered by Hakiduck Patchstack Alliance in WordPress Plugin Contact Form by Supsystic versions = 1.7.28...

CVE-2024-43230

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Shared Files – File Upload Form Shared Files.This issue affects Shared Files: from n/a through 1.7.28...

WordPress Shared Files Plugin <= 1.7.28 is vulnerable to Sensitive Data Exposure

Software Shared Files Type Plugin Vulnerable versions = 1.7.28 Fixed in 1.7.29 OWASP Top 10 A5: Security Misconfiguration Classification Sensitive Data Exposure CVE CVE-2024-43230 Patch priority Low CVSS severity Low 5.3 Developer Tammersoft PSID 9e141e472eac Credits Abdi Pranata Required privile...

GHSA-735V-WX75-XMMM Cross-site Scripting in grav

In grav prior to version 1.7.28, a low privilege user can create a page with arbitrary javascript by bypassing insufficent XSS filtering...