93 matches found
WordPress ProSolution WP Client plugin <= 1.9.9 - Unauthenticated Arbitrary File Upload via proSol_fileUploadProcess vulnerability
Unauthenticated Arbitrary File Upload via proSol_fileUploadProcess vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin ProSolution WP Client versions <= 1.9.9...
WordPress plugin ProSolution WP Client code issue vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
CVE-2025-66486
IBM Aspera Shares 1.9.9 through 1.11.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site...
Malicious code in shopping-cart-service (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a35497d79077eb5f8f79659d420f79568f9fcf905b9ab2f2cceb043eb6eba574 The package shopping-cart-service was found to contain malicious code. Source: ghsa-malware...
Command Injection
Overview: claude-statusline provides real-time session tracking and analytics for Claude Code. Affected versions of this package are vulnerable to Command Injection due to improper handling of subprocess calls. The instancemanager.py module constructs shell commands using string interpolation and passe...
GHSA-PFRV-63W8-Q7RQ Byaidu PDFMathTranslate vulnerable to open redirect
An open redirect vulnerability exists in Byaidu PDFMathTranslate v1.9.9 that allows attackers to craft URLs that cause the application to redirect users to arbitrary external websites via the file parameter to the /gradioapi endpoint. This vulnerability could be exploited for phishing attacks or ...
EUVD-2025-37013
Byaidu PDFMathTranslate vulnerable to open redirect...
CVE-2025-50736
An open redirect vulnerability exists in Byaidu PDFMathTranslate v1.9.9 that allows attackers to craft URLs that cause the application to redirect users to arbitrary external websites via the file parameter to the /gradioapi endpoint. This vulnerability could be exploited for phishing attacks or ...
PDFMathTranslate security vulnerability
PDFMathTranslate is a PDF translation software by Byaidu Personal Developer. A security vulnerability exists in PDFMathTranslate version 1.9.9, which stems from improper handling of the file parameter and could lead to a redirection attack...
CVE-2025-11857
The XX2WP Integration Tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'mxpfb2wpdisplayembed' shortcode in all versions up to, and including, 1.9.9. This is due to the plugin not properly sanitizing user input and output of the 'postid' parameter. This makes it...
EUVD-2025-34966
The XX2WP Integration Tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'mxpfb2wpdisplayembed' shortcode in all versions up to, and including, 1.9.9. This is due to the plugin not properly sanitizing user input and output of the 'postid' parameter. This makes it...
EUVD-2007-6495
Malware in sbrugna...
EUVD-2022-50356
Malicious code in bioql PyPI...
EUVD-2023-42303
Malicious code in bioql PyPI...
EUVD-2024-52942
Malicious code in bioql PyPI...
EUVD-2024-44946
Malicious code in bioql PyPI...
EUVD-2022-41793
Malicious code in bioql PyPI...
WordPress Contact Forms by Cimatti plugin <= 1.9.8 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery (CSRF) vulnerability discovered by Shivam Khanna Patchstack Alliance in WordPress Plugin Contact Forms by Cimatti versions <= 1.9.8...